> --- Sudharsha Wijesinghe <[EMAIL PROTECTED]> > wrote: > > According to MS there cant be any Remote exploit on > > MS RPC except for a > > DOS attack using 139/135/445. > > How ever the code is available for a shell code. > > has any one tried this exploit? > > no remote exploit ? > > http://www.k-otik.com/exploits/10.09.rpc2universal.c.php > http://www.k-otik.com/exploits/09.20.rpcdcom2ver1.1.c.php > http://lists.netsys.com/pipermail/full-disclosure/2003-Septemb er/009848.html
What about dcom.exe that hit the streets before MS even released the first 032 patch. With it, you could own a box in 2 minutes. I can only imagine how many thousands of bots were deployed before blaster hit, as the kiddies were hitting their keyboards just as fast as their little fingers could type. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
