The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Windows 7 Pro-Beta in the testing phase.
The attacker uses the default open SMB service port 445 of the victim host to send a special RPC (Remote Procedure Call) request, which is triggered when the NEtPathCanonicalize function in the Server program is called through the MSRPC over SMB channel, and the NetPathCanonicalize function is triggered when accessing other hosts remotely. , Will call the NetpwPathCanonicalize function to normalize the remote access path, and a stack buffer memory error occurs in the NetpwPathCanonicalize function, which can be used to implement remote code execution.
Attacker: kali linux 10.3.45.22
Target machine: xp 10.3.17.154


Start the artifact

Choose our Payload

Set host ip

attack

I went, I was stunned for an instant, my xp blue screen. . . .
It's really uncomfortable. XP is scrapped and can't be opened. . The above code means that the host can't access after starting execution
Let’s reproduce here first, cry for my xp
The steps and attack process are all fine, you can refer to
cve_2019_0708_bluekeep's remote desktop vulnerability recurrence 0x00_Introduction On May 14, 2019, Microsoft released this month's security update patch, which fixes the Remote Desktop Protocol (RDP)...
Tomcat_Ajp vulnerability Because Tomcat's default AJP service (port 8009) has a file inclusion flaw, an attacker can construct a malicious request packet to perform file inclusion operations, and then...
1. Construction of experimental environment 1. Target machine: a vulnerable windows xp 2002 ip: 192.168.0.116 2. Attacking machine: a kail liunx, a kail liunx, ip, ip: 192.168.0.110, ip, 192.168.0.110...
Sphere of influence: Windows 2000 Windows XP Windows Server 2003 Reproduce the environment win xp :192.168.31.49 kali :192.168.31.117 recurrent: Does nmap scan vulnerability exist: Open metasploite, f...
MS08-067 vulnerability reproduction experiment Realize environment preparation: Attack machine: kali (IP: 192.168.153.129) Target drone: Windows XP (IP: 192.168.153.128) Attack tools: metasploit-frame...
Metasploit ms08_067 vulnerability attack practice Environmental preparation Two virtual machines, one is kali, as an attacker, and the other is windows xp sp3 Host IP kali 192.168.78.145 windows xp sp...
A vulnerability recovery experiment made by a network space security professional student, if there is a mistake or improvement, please advise. MS08-067 Vulnerability Analysis and Reclaim content MS08...
The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: various versions of Windows 2000/XP/Server 2003/Vista/Server 2008, and even Windows 7 Pro-Beta in...
Process: turn:...
Articles directory Foreword Introduction Second, influence Third, vulnerability harm Fourth, local reproduction Five, patch number 6. Windows Server 2003 SP2 Chinese version Utilization method 7. Deep...