[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability

To: <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
From: "Alex" <pk95@yandex.ru>
Date: Mon, 13 Oct 2003 08:32:37 +0400

RE: Re: Bad news on RPC DCOM vulnerabilityThis code doesn't work without 
shellcode. The simple version of a "battle" shellcode can be found here:

http://www.SecurityLab.ru/_exploits/bshell2 (add user 'a' with pass 'a' in 
administrator group)

You can change this shellcode as you need.

On system with MS03-39 installed, this code only crash systems, because nature 
of new vulnerability is not known.

See more: http://www.securitylab.ru/40757.html



  ----- Original Message ----- 
  From: Mike Gordon 
  To: full-disclosure@lists.netsys.com 
  Sent: Monday, October 13, 2003 1:41 AM
  Subject: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability


  A compiled version is found at http://www.SecurityLab.ru/_exploits/rpc3.zip 
  But it seems to only crash systems. 

  Does any one have a clean complile of the "better code" from 
http://www.cyberphreak.ch/sploitz/MS03-039.txt

Follow-Ups:
- RE: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
  - From: "Brett Moore" <brett.moore@security-assessment.com>

References:
- [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
  - From: "Mike Gordon" <sigpizbguy@hotpop.com>

Prev by Date: [Full-Disclosure] OT: I'd like to post a question to help settle an argument
Next by Date: Re: [Full-Disclosure] OT: An odd question that has arrisen within my household
Previous by thread: RE: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
Next by thread: RE: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
Index(es):
- Date
- Thread