[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Possibly a stupid question RPC over HTTP

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Possibly a stupid question RPC over HTTP
From: Roberto Gomez Bolaños <wari00@xxxxxxxxx>
Date: Wed, 13 Oct 2004 18:56:06 -0300

Barry Fitzgerald wrote:
> Daniel H. Renner wrote:
> 
>> Daniel,
>>
>> Could you please point out where you read this data?  I would like to
>> see this one...
>>  
>>
> 
> I seem to remember that this was one of the caveats with regard to 
> MSBlast and RPC/DCOM vulnerabilities last year.
> 
> In certain configurations, it was theoretically possible (I'd never 
> personally seen any PoC code or worms that exploited it, though) that 
> some RPC calls could be made via RPC over HTML.  According to the 

more than theoretically posibly...
u can chek that with the DCE/RPC endpoint dumper program that
is part of the impacket python package:

http://oss.coresecurity.com/projects/impacket.html
http://oss.coresecurity.com/impacket/rpcdump.py

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] my first orgasem
Next by Date: Re: [Full-Disclosure] Norton AntiVirus 2005 treats Radmin as a Virus ??!
Previous by thread: Re: [Full-Disclosure] Possibly a stupid question RPC over HTTP
Next by thread: RE: [Full-Disclosure] Possibly a stupid question RPC over HTTP
Index(es):
- Date
- Thread