|
Hi,
I have just uploaded a k-plugin for Kartoffel, which exploits a flaw
patched in the recent MS08-066 bulletin.
http://kartoffel.reversemode.com/downloads.php
backup: http://milw0rm.com/sploits/2008-afd_plugin.zip
For those researchers interesting in digging a little bit more into this
flaw, just take a look at afd!AfdGetRemoteAddress and/or check this out
http://blogs.technet.com/swi/archive/2008/10/14/ms08-066-how-to-correctly-validate-and-capture-user-mode-data.aspx
Regards,
Rub茅n.
# [2008-10-15]
|