Dave Aitel dave at immunityinc.com
Thu Nov 13 20:26:30 EST 2014

We need to have a competition for silliest name. But regardless, one of
the members of the team put this completely harmless screenshot together
that demonstrates a pre-auth attack against Windows 7 RDP using the
SChannel bug. Tomorrow we're putting this in CEU and starting the path
of investigating full RCE potential.

Thanks to whoever found such a great bug! This is the first default bug
in modern IIS and RDP in a long time (over a decade?).

Everyone running a Windows server on the Internet is going to wish they
had El Jefe installed on it. :>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: schannel_sanitized.png
Type: image/png
Size: 74508 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141113/c5a528e3/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141113/c5a528e3/attachment-0001.sig>

More information about the Dailydave mailing list