| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.53.0308251014430.4011@hash.intra.andra.com.pl> From: sq5bpf at andra.com.pl (Jacek Lipkowski) Subject: fingerprinting windows via 135/tcp Hello, I've been looking for a way to fingerprint windows systems via 135/tcp. There are some differences in responses to invalid rpc request - it seems that different windows versions treat the Assoc group field differently. Usign this one can tell apart NT, 2000 and XP/2003. I've enclosed a simple library to check the windows version, and see if it is vulnerable to the DCOM/RPC exploit (code ripped from dcom_scanz.c by kid and farp of buildtheb0x.com). There is also a simple program to demonstrate the library, and a dcom/rpc exploit patched to autodetect the target operating system. Since i have no knowledge about dcom/rpc i wanted to ask if there is a simpler way to do it? Maybe some call that would just return the version directly? jacek -------------- next part -------------- A non-text attachment was scrubbed... Name: idwin.tar.gz Type: application/octet-stream Size: 7290 bytes Desc: Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030825/36e322de/idwin.tar.obj
Powered by blists - more mailing lists