Message-ID: <GEEDJNOBNPDFCHGBHPNDAEONDMAA.tom@scriptsupport.co.uk>
From: tom at scriptsupport.co.uk (Tom H)
Subject: DCOM RPC exploit  (dcom.c)


I used nmap to scan a random /16 for systems with port 135 open.
I fed the results of systems with that port open into enum (enum -S $ip)
and grepped for a "SharedDocs" share, which indicates an XP box.
Then I ran the win32 binary I compiled from the C code posted to this list
against that list of IPs.
I assumed that most XP boxes would be SP1.
I got 6 command prompts.
I then ran the same binary looking for XP with SP0.
I got 156 command prompts.




