new utilman.exe exploit (allinone remote exploitation)

To: bugtraq@xxxxxxxxxxxxxxxxx, news@xxxxxxxxxxxxxx
Subject: new utilman.exe exploit (allinone remote exploitation)
From: Iván Rodriguez Almuiña <kralor@xxxxxxxxxxxxxx>
Date: Sat, 17 Jul 2004 23:33:27 +0200 (CEST)
Importance: Normal
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: kralor@xxxxxxxxxxxxxx
User-agent: SquirrelMail/1.5.0

utilman.exe exploit version 2.666 by kralor
-----------------------------------------------------------
v2.666: autonomous (allinone) remote exploitation system ;)
-----------------------------------------------------------
It can be executed through poor cmd.exe shells (like
nc -lp 666 -e cmd.exe from a normal user account).
Must be called with an argument (any argument), just read
source code you will understand why.


-- 
Iván Rodriguez Almuiña
aka kralor
kralor[<aT]>coromputer.net
http://www.coromputer.net

Attachment: utilmaned2.c
Description: Binary data

Prev by Date: Mozilla Bug Isn't So Bad
Next by Date: [SECURITY] [DSA 528-1] New ethereal packages fix denial of service
Previous by thread: Re: Mozilla Bug Isn't So Bad
Next by thread: [SECURITY] [DSA 528-1] New ethereal packages fix denial of service
Index(es):
- Date
- Thread