|
Disabling the Virus Scanner’s Buffer Overflow Protection
|
bet | 9/10 | Sana | 01.04.2021 | Hajmi | 0,51 Mb. | | #13832 |
In the Windows 2000 virtual machine, in the lower right corner, right-click the little shield icon and select "VirusScan Console".
In the "VirusScan Console" window, right-click "Buffer Overflow Protection" and select Disable. The Status line should change to Disabled as shown to the right on this page.
On your Windows XP virtual machine, in the Firefox window, type in the address 127.0.0.1:55555 and press the Enter key.
Scroll down to "Microsoft LSASS MSO4-011 Overflow" and click it.
Scroll down to the "Select Target" section and click "Windows 2000".
In the "Select Payload" section, click win32_reverse.
Enter the RHOST and LHOST values you wrote down in the boxes on previous pages of this project Then click the Exploit button.
You should see an "Exploit Output" similar to the example to the right on this page, with different IP addresses and ports. If it works, you will see the line "Shell started on session 1" (your session number will be larger). You may have to try the exploit more than once.
When you get a connection, in the "Shell started on session #" line, click the session link.
|
| |