Hi,
I have just uploaded a k-plugin for Kartoffel, which exploits a flaw
patched in the recent MS08-066 bulletin.
http://kartoffel.reversemode.com/downloads.php
backup: http://milw0rm.com/sploits/2008-afd_plugin.zip
For those researchers interesting in digging a little bit more into this
flaw, just take a look at afd!AfdGetRemoteAddress and/or check this out
http://blogs.technet.com/swi/archive/2008/10/14/ms08-066-how-to-correctly-validate-and-capture-user-mode-data.aspx
Regards,
Rubén.
# milw0rm.com [2008-10-15]
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论