• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Windows 7/Vista *All* UPnP Exploit Help???

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
stream_venom
Just Arrived
Just Arrived


Joined: 13 Oct 2009
Posts: 0
Location: Atlanta,GA

Offline

PostPosted: Tue Oct 13, 2009 2:46 am    Post subject: Windows 7/Vista *All* UPnP Exploit Help??? Reply with quote

Need help with this one

PORT STATE SERVICE VERSION
1862/tcp open unknown
5357/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
22504/tcp open unknown
45100/tcp open unknown
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bi…..submit.cgi :
SF-Port22504-TCP:V=5.00%I=7%D=10/6%Time=4ACBD3C2%P=i686-pc-linux-gnu%r(Get
SF:Request,6E,"HTTP/1.0×20406x20Notx20AcceptablernDate:x20Wed,x200
SF:7×20Octx202009×2003:33:17×20GMTrnServer:x20Frosty/4.17.2rnCo
SF:ntent-Length:x200rnrn")%r(FourOhFourRequest,7E,"HTTP/1.0×20400x
SF:20Badx20RequestrnDate:x20Wed,x2007×20Octx202009×2003:33:28×20G
SF:MTrnServer:x20Frosty/4.17.2rnContent-Length:x200rnConnection:
SF:x20Closernrn");
MAC Address: 00:1D:09:96:07:44 (Dell)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Microsoft Windows 2008|Vista
OS details: Microsoft Windows Server 2008 Beta 3, Microsoft Windows Vista SP0 or SP1 or Server 2008 SP1
TCP/IP fingerprint:
OS:SCAN(V=5.00%D=10/6%OT=1862%CT=%CU=%PV=Y%DS=1%G=N%M=001D09%TM=4ACBD3FF%P=
OS:i686-pc-linux-gnu)SEQ(SP=108%GCD=1%ISR=10B%TI=I%TS=7)OPS(O1=M5B4NW8ST11%
OS:O2=M5B4NW8ST11%O3=M5B4NW8NNT11%O4=M5B4NW8ST11%O5=M5B4NW8ST11%O6=M5B4ST11
OS:)WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)ECN(R=Y%DF=Y%TG=80%
OS:W=2000%O=M5B4NW8NNS%CC=N%Q=)T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)T2(R
OS:=N)T3(R=N)T4(R=N)U1(R=N)IE(R=N)

Uptime guess: 0.367 days (since Tue Oct 6 14:45:58 2009)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=264 (Good luck!)
IP ID Sequence Generation: Incremental
Service Info: OS: Windows

The port of intrest is 5357. After doing some search I have found that it belongs to a something like Limewire,Frostwire, or something like it… I have been using an exploit I found on Milw0rm to see if I could exploit the program behind the port…

All I get is this…

[+] checking if host exists…
[+] 192.168.1.94 exists…connecting…
[+] Connected…sending the request…
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 07 Oct 2009 03:54:40 GMT
Connection: close
Content-Length: 334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request – Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

I have been looking for help with this since Wednesday of last week... any help is much appreciated.
Back to top
View user's profile Send private message Yahoo Messenger
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register