Re: [Full-Disclosure] Bad news on RPC DCOM2 vulnerability

[Peter King <elvi52001@yahoo.com>]

why those *security* sites keep *exploits* online even when they know that this 
is an unpatched vuln !!!!
 
personnaly i'd like to test this exploit on my systems, but can't compile it 
http://www.k-otik.com/exploits/10.09.rpc2universal.c.php
 
can anyone post the .exe please, to test our machines ...
 
Cheers.

petard <petard@sdf.lonestar.org> wrote:
On Fri, Oct 10, 2003 at 07:05:46PM -0500, Bobby Brown wrote:
> So I can "assume" no other information is posted, other than this site, to 
> collaborate the RPC issue is not resolved or should we all try to translate 
> this site using the helpful hints, which they are?
> 
> 
k-otik posted some similar if not identical code, corroborating (to a point 
anyway) its
effectiveness. (It most likely worked for one of them if they posted it.)

I suggest taking the linked code, compiling it (use MSVC7) and testing it to 
confirm
for yourself. Please test on a machine that's not connected to the internet, 
though :-)

HTH,

petard




---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search