[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <3F24572E.23562.1A4E04D@localhost>
From: m.graf at firmenwelt.de (Marcus Graf)
Subject: DCOM RPC exploit failed
Just 4 info:
I compiled dcom.c on linux and tried it against a
Windows 2000 SP4, german version.
The exploit failed (maybe I need some offset adjustments for the
german version of Win2k) but after that I noticed some malfunctions:
- The windows explorer was not able to perform drag'n drop any more.
When I tried to drag a file somewehere nothing happened.
- The media player failed. The window came up and closed itself after
a few seconds.
... don't know what else failed...
So even when then exploit failed it may seriously disturb the windows
functionality. A massive scan for vulnerable windows systems on the
net may become the character of an DoS attack even without any
successful exploit.
Ciao
Marcus
--
Windows is not the answer.
Windows is the question and the answer is no.
Powered by blists - more mailing lists