Bug #800

kitrap0d.rb doesn't work on win2k - applies to some SPs of XP too

Added by James Nobis over 2 years ago. Updated over 1 year ago.

Status: Closed
Start date: 01/31/2010
Priority: Normal
Due date:
Assignee: Joshua J. Drake
% Done: 100%
Category: modules - exploits
Target version: Metasploit 3.5.0
Resolution:
Release Note:

Description

A comment in the code vdmexploit.c states:
"Windows 2000 forces the thread to exit with 0x80 if Padding3 is filled with junk. With a buffer full of NULLs, the exploit never finds the right size. This will require more work to resolve, for just keep the padding zero'd."

This same exit code appears in unpatched Windows XP Pro and Windows XP Pro SP1/SP1a. It does not appear in Windows XP Pro SP2 or SP3.


Related issues

related to Metasploit Framework - Bug #801: kitrap0d.rb os signature updates Closed 01/31/2010

Associated revisions

Revision f997b372
Added by Joshua Drake over 1 year ago

remove the kitrap0d meterpreter script in favor of the "getsystem" implementation, fixes #800, fixes #801

git-svn-id: file:///home/svn/framework3/trunk@10739 4d416f70-5f16-0410-b530-b9f4589650da

History

#1 Updated by HD Moore over 2 years ago

  • Target version set to 18

#2 Updated by HD Moore about 2 years ago

  • Target version changed from 18 to Metasploit 3.4.0

#3 Updated by James Lee about 2 years ago

  • Target version changed from Metasploit 3.4.0 to Metasploit 3.4.1

#4 Updated by James Lee almost 2 years ago

  • Target version changed from Metasploit 3.4.1 to Metasploit 3.5.0

#5 Updated by Joshua J. Drake over 1 year ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Applied in changeset r10739.

#6 Updated by Jonathan Cran over 1 year ago

  • Status changed from Resolved to Closed
