[Windows] MS08-067 - Windows remote command execution vulnerability (CVE-2008-4250)

tags: windows  Safety  Penetration test  Vulnerability  

Vulnerability

CVE-2008-4250 Microsoft No. MS08-067, according to Microsoft Security Vulnerability Announcement, Basic understanding of its principles:
MS08-067 Vulnerability is triggered by calling the NetPathCanonicalize function in the Server service program through the MSRPC over SMB channel, and the NetPathCanonicalize function calls the NetPwPathCanonicalize function to normalize the path to remote access (in the path string). The '/' converted to '', while removing the relative path "." And "..."), and a stack buffer memory error occurs in the NetPwPathCanonicalize function, resulting in implementing remote code execution.

Vulnerability

Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows XP Service Pack 3
Windows XP Professional x64 Edition
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP1
Windows Server 2003 SP2
Windows Vista and Windows Vista Service Pack 1
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
Windows Server 2008 (for 32-bit systems)
Windows Server 2008 (used for X64-based systems)
Windows Server 2008 (used for ITANIUM-based systems)
Windows 7 Beta (for 32-bit systems)
Windows 7 Beta x64 Edition
Windows 7 Beta (for ITANIUM-based systems)

Reclaim process

surroundings:

kali Linux
Windows XP Home SP2

Vulnerability detection with NAMP
nmap -p 445 --script=smb-vuln-ms08-067 192.168.150.137

Use MSF

Enter the MS08-067 utilization module and search for MS08_067

The configuration setting is as follows


Target defaults to automatic positioning requires precise, you can view all, then choose

Run runs successfully session

Intelligent Recommendation

Windows service penetration attack-MS08-067

Windows service penetration attack-MS08-067 MS08-067 vulnerability The MS08-067 vulnerability is a huge vulnerability that broke out at the end of 2008. The attacker used the SMB service port 445 deve...

Windows MS08-067 "Ruby SMB Encryption Error"

When using Vulhub, when doing MS08-067, it has been reported I have been a long time, I found a solution, In MSFCONSOLE The reason is like: This may have many different reasons. However, common reason...

MS08-067 vulnerability reproduction

Vulnerability introduction: The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Wind...

MS08-067 Vulnerability Utilization

Vulnerability introduction: If the user receives a special RPC request on the affected system, the vulnerability may allow remote execution code. At Microsoft Windows 2000, Windows XP, and Windows Ser...

MS08-067 vulnerability

MS08-067 vulnerability lab environment 1.kali linux(ip:192.168.131.131) 2.windows xp (ip:192.168.131.134) Port detection nmap 192.168.131.134 It is found that high-risk ports such as 445 and 3389 are ...

More Recommendation

[Vulnerability recurrence] MS08-067 classic remote overflow vulnerability recurrence

ms08-067 introduction The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Windows 7 ...

Desktop Windows CVE-2019-0708 Remote Code Execution Vulnerability reproduction

Desktop Windows CVE-2019-0708 Remote Code Execution Vulnerability reproduction First, vulnerability note May 15, 2019, Microsoft released a security patch to fix CVE number CVE-2019-0708 Windows Remot...

Reproduction of Windows Remote Desktop Code Execution Vulnerability (CVE-2019-0708)

Vulnerability introduction: On May 14, 2019, Microsoft officially released a security patch to fix the remote code execution vulnerability of the windows remote desktop service, which affects some old...

(CVE-2019-0708) Windows Remote Desktop Code Execution Vulnerability

One. Vulnerability introduction On May 15, 2019, the Alibaba Cloud Cloud Shield Emergency Response Center monitored that Microsoft officially released an emergency security patch to fix a remote code ...

CVE-2019-0708 Windows RDP Remote Code Execution Vulnerability Revision

Windows RDP Remote Code Performs CVE-2019-0708 Vulnerability Revision Vulnerability Windows operating system Remote Desktop Service Remote Code Execution Vulnerability (CVE-2019-0708) WINDOWS system. ...

Copyright  DMCA © 2018-2026 - All Rights Reserved - www.programmersought.com  User Notice

Top