[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20030728030905.64498.qmail@web11405.mail.yahoo.com>
From: xillwillx at yahoo.com (w g)
Subject: Running DComCfg remotely...
or you could send a worm out on your network to use the exploit then execute
Regedit.exe /s dcom.reg
<.snip>dcom.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="N"
</.snip>
in case your wondering how to get the dcom.reg onto the computer maybe you can use either ftp tftp or good ole' copy con
illwill
needs a job as an admin... instead of these whiney bitches who got a admin job because they knew how to send picture in aol before the president of their company did
http://illmob.org/rpc/
Duane Maurer <duanerama@...mail.com> wrote:
A few obeservations...
1.) I am sick of hearing 'administrators' whining... at least you have a
job...
2.) If you deserve the title of 'administrator' (for Windows that is) then
you should know by now how to use RegMon from www.SysInternals.com
3.) So, run RegMon and see what key the check box in DComCfg.exe uses...
duh...
4.) For those too lazy, or not knowledgable enough...
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\EnableDCOM set this to 'N' (it is
of type Reg_SZ)
5.) If you can't change a registry key on all of your machines... you have
more problems than I can help you with... and more problems than just an RPC
worm...
Thank you for your time,
Duane Maurer II
out of work administrator and developer
_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
---------------------------------
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030727/c46de968/attachment.html
Powered by blists - more mailing lists