bit-tech.net

Go Back   bit-tech.net Forums > bit-tech.net > Article Discussion

Reply
 
Thread Tools
Old 19th Mar 2012, 11:47   #1
brumgrunt
Ultramodder
 
brumgrunt's Avatar
 
Join Date: Dec 2011
Posts: 1,009
brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.brumgrunt is a hoopy frood who really knows where their towel is.
Leak outs Microsoft RDP vulnerability exploit

The code required to exploit the recently disclosed vulnerability in the Windows RDP service has been leaked.

http://www.bit-tech.net/news/bits/20...-rdp-exploit/1
brumgrunt is offline   Reply With Quote
Old 19th Mar 2012, 12:12   #2
Action_Parsnip
Hypermodder
 
Action_Parsnip's Avatar
 
Join Date: Apr 2009
Location: Exeter
Posts: 719
Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!Action_Parsnip - it's over 9000!!!!!!!!1!1!1!!!
"claims that the public proof-of-concept code contains the exact same packet he crafted in his submission to Microsoft. The implication: somebody at Microsoft or TippingPoint leaked the information to the bad guys."

Or he leaked it....
__________________
"Ooh he card read good!"

Q6700@3.475ghz 9x386mhz, Asus P5-B Deluxe WIFI-AP, 2x2gb Kingston 1066 @965mhz 5-5-5-15, western Digital Caviar Black 1tb HDD, Titan Fenrir, PC Power&Cooling 750w, XFX 4890
Action_Parsnip is offline   Reply With Quote
Old 19th Mar 2012, 13:44   #3
schmidtbag
Hypermodder
 
Join Date: Jul 2010
Location: MA, USA
Posts: 782
schmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on youschmidtbag - may the hammer of Bindi be bestowed on you
when i heard ms expecting 30 days to exploit the vulnerability the first thing i thought was "ms has no idea how oblivious they are to programmers who are much better than their own. i expect this will only take a few days" and as i kept reading i found out i was right.

when windows 7 was first released, microsoft was acting all proud of this supposed new anti-piracy method (which still uses the same stupid randomly generated code that has been proven over and over again that it doesn't work) yet windows 7 was successfully pirated before it was even on the shelves. MS seriously needs to stop acting like their developers know best.
__________________
4.4GHz FX-6300 (on an AM3 board) with C'n'Q on, 8GB of RAM, 2x ATI HD5750, ADATA SP900 64GB SSD, Arch Linux 64 bit.
schmidtbag is offline   Reply With Quote
Old 19th Mar 2012, 13:54   #4
GoodBytes
How many wifi's does it have?
 
GoodBytes's Avatar
 
Join Date: Jan 2007
Location: Montreal, Canada
Posts: 12,139
GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.GoodBytes is the Cheesecake. Relix smiles down upon them.
Actually Microsoft is correct.
If you have your Windows set to allow connections only from computers running Remote Desktop with Network Level Authentication, than this issue doesn't affect you. If you selected the less secure one, to allow an XP or Windows 2000 machine to connect to your computer, NOW you should be worried. It took since 2001 all the way up to 2012 (now) to hack/find security hole in the XP Remote Desktop. That's pretty dam impressive, consider that XP security was a complete joke (in today's needs), and bombarded with security holes.
__________________
Nv GPU Pro - Automate your graphic card overclock base on what you run, reduce power and noise. Designed for Laptops and Desktops. Filled with features.

Core i7 930 2.8GHz | G.Skill Pi 6GB 1600MHz 7-5-7-24 1.5V | Gigabyte GA-X58A-UD5 | GeForce GTX 260 | W.D Caviar Black 1TB | Corsair AX750 | Noctua NH-U12P | Xonar Essence STX | Win8 Pro 64-bit | Dell U2410 - 1920x1200 | OCZ Vertex 4 250GB
GoodBytes is offline   Reply With Quote
Old 19th Mar 2012, 20:13   #5
John_T
Supermodder
 
Join Date: Aug 2009
Posts: 443
John_T has yet to learn the way of the DremelJohn_T has yet to learn the way of the DremelJohn_T has yet to learn the way of the DremelJohn_T has yet to learn the way of the DremelJohn_T has yet to learn the way of the DremelJohn_T has yet to learn the way of the DremelJohn_T has yet to learn the way of the Dremel
Quote:
Originally Posted by Action_Parsnip
"claims that the public proof-of-concept code contains the exact same packet he crafted in his submission to Microsoft. The implication: somebody at Microsoft or TippingPoint leaked the information to the bad guys."

Or he leaked it....
Why on earth would he leak it? He found/developed the thing in the first place. If he wanted to use it himself, he'd have used it himself. Secretly. No-one would have know it was him, no-one would have known the exploit existed and so no-one would have been prepared to defend against it.
John_T is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 11:20.
Powered by: vBulletin Version 3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.