Downloaded the revised exploit code by HD moore and got it compiled on a linux box.
There seems to either be some flaws in the exploit code or just a general instability of the rpc service. If the code is run against a vulnerable box and the right SP level setting is not correct it crashes the rpc service and shuts down the port. Restarting the service will bring it back online. If the attack is successful you get a nice pretty windows shell. If you exit the shell the rpc service again crashes. I am sure the code will be revised to eliminate these problems. John _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
