Fake RDP PoC Erases Root

A fake proof of concept for the MS12-020 RDP vulnerability has been doing the rounds. Called rdpsmash, the Python script contains a block of shellcode that actually executes “rm -rf /” on *NIX or recursively deletes system32 on Windows (the former is obviously far worse).

As Michael Thumann from Insinuator said in his article, “never run any untrusted code (especially exploits) without a detailed analysis.” Well said, Michael.
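A first step in that kind of analysis, as an added example (not code from rdpsmash or from the Insinuator article): decode the `\xNN` escape runs in a downloaded PoC without executing it and flag destructive commands hidden in the "shellcode". The sample source, the function name `triage` and the match patterns are constructed assumptions based on the behaviour described above.

```python
import re

# Constructed sample standing in for a downloaded "PoC" source file. The escaped
# bytes are plain ASCII split across two literals; nothing here is ever executed.
SAMPLE_POC = r'''
import socket
shellcode = ("\x90\x90\x72\x6d\x20\x2d"
             "\x72\x66\x20\x2f\x00")
sock = socket.socket()
'''

HEX_RUN = re.compile(r'(?:\\x[0-9a-fA-F]{2}){4,}')   # four or more \xNN escapes in a row
PRINTABLE = re.compile(rb'[\x20-\x7e]{4,}')          # like strings(1): ASCII runs >= 4 chars

# Assumed patterns, chosen to match the two behaviours the post describes.
SUSPICIOUS = [
    (re.compile(rb'rm\s+-\w*r\w*\s+/', re.I), 'recursive delete from /'),
    (re.compile(rb'(del|rd|rmdir)\b.*system32', re.I), 'deletes system32'),
]

def triage(source):
    """Return (decoded_text, reason) pairs for suspicious strings hidden in \\xNN runs."""
    # Join adjacent string literals so a command split across lines is seen whole.
    merged = re.sub(r'["\']\s*["\']', '', source)
    findings = []
    for run in HEX_RUN.finditer(merged):
        blob = bytes(int(h, 16) for h in re.findall(r'\\x([0-9a-fA-F]{2})', run.group()))
        for text in PRINTABLE.findall(blob):
            for pattern, reason in SUSPICIOUS:
                if pattern.search(text):
                    findings.append((text.decode('ascii'), reason))
    return findings

if __name__ == '__main__':
    for text, reason in triage(SAMPLE_POC):
        print(f'{reason}: {text!r}')
```

A clean result only means no plain-text command was found; encoded or genuinely binary payloads still need disassembly in an isolated environment.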
