Metasploit MS06-040 Demo


Recently the exploit of a Vulnerability (MS06-040) in Windows’s Server Service Could Allow a hacker to run malicious code on a remote system.
Well Its all well and good that Microsoft have identified this as a “possible” security threat and have made an update but what does it look like in action?
Didier Stevens has made a video clip showing the exploit in action (using Metasploit) on a Windows 2000 SP4 server to “convince someone that using windows update was necessary.” (I would have to agree with him there after seeing this in action)
He creates a remote shell on the attacked server, connects to it and change the administrators password to Hacked.
Posted in Security | 1 Comment »
September 12th, 2006 at 8:42 am
ok