
Wednesday, July 19, 2017

Windows OS version from Major & Minor numbers

Sometimes during an audit you need to determine what a specific system is. Sometimes it's possible to obtain that information if some SMB traffic is found, but if not, you can find some "BROWSER" traffic:

Sometimes there's no info available. In these cases one can determine the OS that sent this traffic by looking at its Major & Minor numbers:

| Operating System | Version Number | Major Number | Minor Number |
|---|---|---|---|
| Windows 95 OEM Service Release 1 (95A) | 4.00.950 | 4 | 0 |
| Windows 95 OEM Service Release 2 (95B) | 4.00.1111 | 4 | 0 |
| Windows 95 OEM Service Release 2.1 | 4.03.1212-1214 | 4 | 0 |
| Windows 95 OEM Service Release 2.5 C | 4.03.1214 | 4 | 0 |
| Windows 98 | 4.10.1998 | 4 | 10 |
| Windows 98 Second Edition (SE) | 4.10.2222 A | 4 | 10 |
| Windows Millennium Beta | 4.90.2476 | 4 | 90 |
| Windows Millennium | 4.90.3000 | 4 | 90 |
| Windows NT 3.1 | 3.10.528 | 3 | 10 |
| Windows NT 3.5 | 3.50.807 | 3 | 50 |
| Windows NT 3.51 | 3.51.1057 | 3 | 51 |
| Windows NT 4.00 | 4.00.1381 | 4 | 0 |
| Windows NT 5.00 (Beta 2) | 5.00.1515 | 5 | 0 |
| Windows 2000 (Beta 3) | 5.00.2031 | 5 | 0 |
| Windows 2000 (Beta 3 RC2) | 5.00.2128 | 5 | 0 |
| Windows 2000 (Beta 3) | 5.00.2183 | 5 | 0 |
| Windows 2000 | 5.00.2195 | 5 | 0 |
| Windows XP (RC 1) | 5.1.2505 | 5 | 1 |
| Windows XP | 5.1.2600 | 5 | 1 |
| Windows XP, Service Pack 1 | 5.1.2600.1105-1106 | 5 | 1 |
| Windows XP, Service Pack 2 | 5.1.2600.2180 | 5 | 1 |
| Windows XP, Service Pack 3 | 5.1.2600 | 5 | 1 |
| Windows .NET Server interim | 5.2.3541 | 5 | 2 |
| Windows .NET Server Beta 3 | 5.2.3590 | 5 | 2 |
| Windows .NET Server Release Candidate 1 | 5.2.3660 | 5 | 2 |
| Windows .NET Server 2003 RC2 | 5.2.3718 | 5 | 2 |
| Windows Server 2003 (Beta?) | 5.2.3763 | 5 | 2 |
| Windows Server 2003 | 5.2.3790 | 5 | 2 |
| Windows Server 2003, Service Pack 1 | 5.2.3790.1180 | 5 | 2 |
| Windows Server 2003 | 5.2.3790.1218 | 5 | 2 |
| Windows Home Server | 5.2.3790 | 5 | 2 |
| Windows Longhorn | 6.0.5048 | 6 | 0 |
| Windows Vista, Beta 1 | 6.0.5112 | 6 | 0 |
| Windows Vista, Community Technology Preview | 6.0.5219 | 6 | 0 |
| Windows Vista, TAP Preview | 6.0.5259 | 6 | 0 |
| Windows Vista, CTP | 6.0.5270 | 6 | 0 |
| Windows Vista, CTP | 6.0.5308 | 6 | 0 |
| Windows Vista, CTP (Refresh) | 6.0.5342 | 6 | 0 |
| Windows Vista, April EWD | 6.0.5365 | 6 | 0 |
| Windows Vista, Beta 2 Preview | 6.0.5381 | 6 | 0 |
| Windows Vista, Beta 2 | 6.0.5384 | 6 | 0 |
| Windows Vista, Pre-RC1 | 6.0.5456 | 6 | 0 |
| Windows Vista, Pre-RC1, Build 5472 | 6.0.5472 | 6 | 0 |
| Windows Vista, Pre-RC1, Build 5536 | 6.0.5536 | 6 | 0 |
| Windows Vista, RC1 | 6.0.5600.16384 | 6 | 0 |
| Windows Vista, Pre-RC2 | 6.0.5700 | 6 | 0 |
| Windows Vista, Pre-RC2, Build 5728 | 6.0.5728 | 6 | 0 |
| Windows Vista, RC2 | 6.0.5744.16384 | 6 | 0 |
| Windows Vista, Pre-RTM, Build 5808 | 6.0.5808 | 6 | 0 |
| Windows Vista, Pre-RTM, Build 5824 | 6.0.5824 | 6 | 0 |
| Windows Vista, Pre-RTM, Build 5840 | 6.0.5840 | 6 | 0 |
| Windows Vista, RTM | 6.0.6000.16386 | 6 | 0 |
| Windows Vista | 6.0.6000 | 6 | 0 |
| Windows Vista, Service Pack 2 | 6.0.6002 | 6 | 0 |
| Windows Server 2008 | 6.0.6001 | 6 | 0 |
| Windows 7, RTM | 6.1.7600.16385 | 6 | 1 |
| Windows 7 | 6.1.7601 | 6 | 1 |
| Windows Server 2008 R2, RTM | 6.1.7600.16385 | 6 | 1 |
| Windows Server 2008 R2, SP1 | 6.1.7601 | 6 | 1 |
| Windows Home Server 2011 | 6.1.8400 | 6 | 1 |
| Windows Server 2012 | 6.2.9200 | 6 | 2 |
| Windows 8 | 6.2.9200 | 6 | 2 |
| Windows Phone 8 | 6.2.10211 | 6 | 2 |
| Windows Server 2012 R2 | 6.3.9200 | 6 | 3 |
| Windows 8.1 | 6.3.9200 | 6 | 3 |
| Windows 8.1, Update 1 | 6.3.9600 | 6 | 3 |
| Windows 10 | 10.0.10240 | 10 | 0 |
| Windows Server 2012 R2 | 6.3.9600 | 6 | 3 |
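
The lookup described above, as an added example that is not code from the original post: it parses the fixed fields of a BROWSER Host Announcement payload (field layout per MS-BRWS) and maps the Major & Minor numbers to the release families in the table above. The sample payload, host name and function names are constructed for illustration.

```python
import struct

# (major, minor) -> release families, condensed from the table above
# (betas and service packs share the numbers of their release family).
OS_BY_VERSION = {
    (3, 10): ["Windows NT 3.1"],
    (3, 50): ["Windows NT 3.5"],
    (3, 51): ["Windows NT 3.51"],
    (4, 0): ["Windows 95", "Windows NT 4.00"],
    (4, 10): ["Windows 98", "Windows 98 SE"],
    (4, 90): ["Windows Millennium"],
    (5, 0): ["Windows 2000"],
    (5, 1): ["Windows XP"],
    (5, 2): ["Windows Server 2003", "Windows Home Server"],
    (6, 0): ["Windows Vista", "Windows Server 2008"],
    (6, 1): ["Windows 7", "Windows Server 2008 R2", "Windows Home Server 2011"],
    (6, 2): ["Windows 8", "Windows Server 2012", "Windows Phone 8"],
    (6, 3): ["Windows 8.1", "Windows Server 2012 R2"],
    (10, 0): ["Windows 10"],
}

# Fixed part of a Host Announcement: opcode, update count, periodicity (ms),
# 16-byte NUL-padded server name, OS major, OS minor, server type,
# browser major, browser minor, signature. The comment string follows it.
FIXED = struct.Struct("<BBI16sBBIBBH")

def parse_host_announcement(payload: bytes) -> dict:
    """Parse the browser payload (the bytes after the SMB mailslot header)."""
    if len(payload) < FIXED.size:
        raise ValueError("truncated announcement")
    (opcode, _count, _period_ms, name, major, minor,
     _srv_type, _bmaj, _bmin, signature) = FIXED.unpack_from(payload)
    if opcode != 0x01:  # 0x01 = Host Announcement
        raise ValueError(f"not a Host Announcement (opcode {opcode:#x})")
    return {
        "host": name.split(b"\0", 1)[0].decode("ascii", "replace"),
        "version": (major, minor),
        "candidates": OS_BY_VERSION.get((major, minor), []),
        "comment": payload[FIXED.size:].split(b"\0", 1)[0].decode("ascii", "replace"),
        "signature_ok": signature == 0xAA55,
    }

# Constructed sample payload (not captured traffic): host FILESRV01, version 6.1.
SAMPLE = (b"\x01\x00" + struct.pack("<I", 720000) + b"FILESRV01".ljust(16, b"\0")
          + bytes([6, 1]) + struct.pack("<I", 0x00009003) + bytes([15, 1])
          + struct.pack("<H", 0xAA55) + b"constructed sample\0")

if __name__ == "__main__":
    print(parse_host_announcement(SAMPLE))
```

Several products share each Major/Minor pair, so the result is a list of candidates to narrow down with other evidence, not a single answer.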

CVE 2017-6017 Video Demo

At last I have a video demo ready of the vulnerability I found last year in the PLC Modicon M340. It was eventually catalogued as:

Other vulnerability databases mentioned it as well:

Ok, then, this is the demo video of the vulnerability (https://www.youtube.com/watch?v=9rz4rI82dWM):

This is very dangerous because an attacker could very easily turn off any of the more than 600 Modicon devices currently accessible on the internet:

For more information about this vulnerability, visit my previous entry in this blog talking about it.

I currently have an exploit in both Python and Ruby, and will publish them once the accessible vulnerable devices in Shodan go below 100.

Meanwhile, there are many other toys waiting!!