Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Possibly a stupid question RPC over HTTP
From: Roberto Gomez Bolaños <wari00 () gmail com>
Date: Wed, 13 Oct 2004 18:56:06 -0300

Barry Fitzgerald wrote:
Daniel H. Renner wrote:

Daniel,

Could you please point out where you read this data?  I would like to
see this one...
 


I seem to remember that this was one of the caveats with regard to 
MSBlast and RPC/DCOM vulnerabilities last year.

In certain configurations, it was theoretically possible (I'd never 
personally seen any PoC code or worms that exploited it, though) that 
some RPC calls could be made via RPC over HTML.  According to the 

more than theoretically posibly...
u can chek that with the DCE/RPC endpoint dumper program that
is part of the impacket python package:

http://oss.coresecurity.com/projects/impacket.html
http://oss.coresecurity.com/impacket/rpcdump.py

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault