lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.33.0307281239170.18395-100000@disney.cs.msstate.edu>
From: rwm8 at CSE.MsState.EDU (Robert Wesley McGrew)
Subject: DCOM RPC exploit  (dcom.c)

To answer my own question, I just noticed this on the metasploit site :

"Update: A return address has been identified for both Windows 2000 and
Windows XP that works independent of the service pack. This information
can be easily obtained by analyzing the DLL's that are loaded by the
svchost.exe process"

On Mon, 28 Jul 2003, Robert Wesley McGrew wrote:

> 2) For this DCOM RPC problem in particular, everyone's talking about
> worms.  How would the worm know what return address to use?  Remote OS
> fingerprinting would mean it would be relatively large, slow, and
> unreliable (compared with Slammer), and sticking with one would cause more
> machines to just crash than to spread the worm.  I haven't looked into
> this very closely yet to see if it can be generalized.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ