MS12-020

Question

MS12-020

blockchainguard opened this issue 5 years ago · comments

blockchainguard commented 5 years ago

patched windows server 2008 r2
kbKB2667402
then run crashexploit.py

the host is ok
so
this fake poc!!! is NOT CVE-2019-0708 POC

blockchainguard · Answer 1 · Fri May 31 2019 15:10:21 GMT+0800 (China Standard Time)

attack patched host whit windows server 2008 r2

python crashpoc.py 10.10.X.X 64
File "crashpoc.py", line 194, in
main(sys.argv)
File "crashpoc.py", line 158, in main
tls = send_init_packets(args[1])
File "crashpoc.py", line 71, in send_init_packets
tls.do_handshake()
OpenSSL.SSL.SysCallError: (104, 'Connection reset by peer')

Spencer · Answer 2 · Fri May 31 2019 15:20:32 GMT+0800 (China Standard Time)

The error clearly says the tls handshake failed. The code forces a tlsv1 handshake. If that doesn’t work for you then change the code to a suitable protocol

blockchainguard · Answer 3 · Fri May 31 2019 15:22:50 GMT+0800 (China Standard Time)

patched thank you