Exploit para falhas em Servidores da Microsoft

Started by d3rf, 08 de June , 2006, 12:32:51 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

d3rf

08 de June , 2006, 12:32:51 AM
Serve para Microsoft IIS(4) NT4 e IIS(5) (Windows 2000) ...

Ps.: Não testei ... testem ae ...

/*
 *   DDK - 2k2 -
 *
 *
 *   coded by NeMeS||y tnx to Birdack
 * 
 *   
 */

// IIS 4(NT4) - IIS 5(2K) .asp bof

#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include www.iisvictim.com)\n"
         "  -t target\n"
      "  -p port      (default 80)\n"
         "  -f path_file (default /iisstart.asp)\n"
         "  -b step      (brute force, try step 2000)\n\n"
         "Available targets:\n\n");
  while(target[j].def != 666)
        {
          printf("  %d ] - %s -\n", target[j].def, target[j].descr);
          j++;
        }
  printf("\n"); 
  exit(1);
}

slul

#1
08 de June , 2006, 04:35:29 PM
root@kurumin:/home/kurumin/exploits# gcc iis.c -o iis
iis.c:190: warning: initialization makes integer from pointer without a cast
iis.c:263:9: missing terminating " character
iis.c: In function `main':
iis.c:265: error: stray '\' in program
iis.c:265: error: `Start' undeclared (first use in this function)
iis.c:265: error: (Each undeclared identifier is reported only once
iis.c:265: error: for each function it appears in.)
iis.c:265: error: syntax error before "n"
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265: error: stray '\' in program
iis.c:265:84: missing terminating " character
iis.c:269:22: missing terminating " character
iis.c:271: error: `Brute' undeclared (first use in this function)
iis.c:271: error: syntax error before "forcing"
iis.c:271: error: `forcing' undeclared (first use in this function)
iis.c:271: error: stray '\' in program
iis.c:271: error: stray '\' in program
iis.c:271:51: missing terminating " character
iis.c:274: error: syntax error before ')' token
iis.c:276: error: syntax error before ')' token
iis.c: At top level:
iis.c:281: error: syntax error before "unsigned"
iis.c:282: error: syntax error before "unsigned"
iis.c:283: error: syntax error before "unsigned"
iis.c:285: error: syntax error before '&' token
iis.c:286: error: `buf' undeclared here (not in a function)
iis.c:286: error: invalid initializer
iis.c:286: warning: data definition has no type or storage class
iis.c:293: error: syntax error before string constant
iis.c:294: warning: conflicting types for built-in function `sprintf'
iis.c:294: warning: data definition has no type or storage class
iis.c:296: error: syntax error before "unsigned"
iis.c:297: error: syntax error before "unsigned"
iis.c:299: error: syntax error before '(' token
iis.c:301:24: missing terminating " character
iis.c:303: error: syntax error before string constant
iis.c:303:13: invalid suffix "x" on integer constant
iis.c:303:16: invalid digit "8" in octal constant
iis.c:303:23: missing terminating " character
iis.c:306: warning: conflicting types for built-in function `fprintf'
iis.c:306: warning: data definition has no type or storage class
iis.c:308: error: syntax error before numeric constant
iis.c:308: warning: data definition has no type or storage class
iis.c:309: warning: parameter names (without types) in function declaration
iis.c:309: warning: data definition has no type or storage class
iis.c:310: error: syntax error before string constant
iis.c:310: warning: conflicting types for built-in function `printf'
iis.c:310: warning: data definition has no type or storage class
iis.c:311: error: `host' undeclared here (not in a function)
iis.c:311: error: initializer element is not constant
iis.c:311: warning: data definition has no type or storage class
iis.c:312: error: syntax error before "if"
iis.c:315: error: syntax error before string constant
iis.c:315: warning: data definition has no type or storage class
iis.c:316: error: syntax error before '-' token
iis.c:316: error: conflicting types for `exit'
/usr/include/stdlib.h:612: error: previous declaration of `exit'
iis.c:316: warning: data definition has no type or storage class
iis.c:320:18: missing terminating " character
iis.c:322: error: stray '\' in program
iis.c:322: error: stray '\' in program
iis.c:322:29: missing terminating " character
iis.c:325: warning: parameter names (without types) in function declaration
iis.c:325: error: conflicting types for `l33thax0r'
iis.c:198: error: previous declaration of `l33thax0r'
iis.c:325: warning: data definition has no type or storage class
iis.c:326: error: syntax error before numeric constant
iis.c:326: warning: data definition has no type or storage class
iis.c:424: error: conflicting types for `l33thax0r'
iis.c:325: error: previous declaration of `l33thax0r'
iis.c: In function `l33thax0r':
iis.c:443: error: incompatible types in assignment
iis.c:451: error: incompatible types in assignment


qdo vi o code tive certeza q meu mero gcc nao conseguirria compilar esse troço =P

d3rf

#2
08 de June , 2006, 05:13:02 PM
Tenta outro compilador ...
ve se alguém do fórum conseguiu compilar e perguntar qual usou

slul

#3
08 de June , 2006, 05:51:52 PM
amigo... esse xpl eh pra unix ou soh pra windows?

_Dr4k0_

#4
08 de June , 2006, 06:47:36 PM
Tentei com o dev-c++ tb não consegui não..

porém deu bem menos erros..
100% Livre!!!Livre para escolher o que há de melhor no Windows e Linux. Livre de preconceito direto ou inverso!
Adote essa filosofia e tenha mais chance de sucesso profissional.

d3rf

#5
08 de June , 2006, 06:49:57 PM
Para WINDOWS kara, só para WINDOWS ... compila no WINDOWS

OnlyOne

#6
09 de June , 2006, 12:21:57 AM Last Edit: 09 de June , 2006, 12:25:45 AM by OnlyOne
UNIX xpl ok guys ? lembrando a vcs q nao e pq foi feito em C q vai roda em windows e *NIX , existem diferenças entrre C pra windows e C pra *NIX
No céu toca Joy Division

Anonymous

#7
09 de June , 2006, 02:42:19 AM
Humm..
Galerinha então o xpl proposto acima é Windows mesmo e assim.. ele não vai compilar por estar travado contra scriptKID como todo exploit que se preze é travado ( menos os meus que são direcionados a este forum )

bom .. então primeiro é necessario quebrar a proteção contra ScriptKid para dps compilarem.. e assim ele compila em Linux sim basta fazer algumas modificações..

Se eu conseguir compilar eu coloco o Download Dele..
Com o código Des-Protegido e o Executavel..

Falow gente.!!

Anonymous

#8
09 de June , 2006, 02:44:29 AM
Opa corrigindo desculpa ai mais o xpl é pra LINUX.. usado linux contra Windows..

para afetar o windows..
e assim ele está usando os cabeçalhos de Linux vejam só..

Code Select

#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <errno.h>
#include <unistd.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <limits.h>
#include <netdb.h>
#include <arpa/inet.h>



Então mais dá sim para portar para Windows .. porem seria um trabalho a mais .. talvez mais tarde se me sobrar tempo eu porto ele para windows.. porem ele é linux mesmo não tinha visto corretamente os cabeçalhos..

desculpem pelo post duplo também . mais não tem edit..*
Print
Go Up Pages1
User actions