Full Disclosure mailing list archives

Re: DCOM RPC exploit failed


From: Knud Erik Højgaard <kain () ircop dk>
Date: Sun, 27 Jul 2003 23:49:25 +0200

Marcus Graf wrote:

> I compiled dcom.c on linux and tried it against a
> Windows 2000 SP4, german version.
>
> The exploit failed (maybe I need some offset adjustments for the
> german version of Win2k) but after that I noticed some malfunctions:

Yes, you do. Load up winhex, edit ram, attach to svchost.exe (either one will
do), select kernel32.dll (for portability), click ok, click hex search, enter
"FFE4", check "archive blah blah", click ok, click ok, click ok, that thing
showing will be a proper return address.

> - The windows explorer was not able to perform drag'n drop any more.
> When I tried to drag a file somewhere nothing happened.
> - The media player failed. The window came up and closed itself after
> a few seconds.

yeah, a pain in the ass indeed.

> ... don't know what else failed...

outlook express will be unable to open messages, and my mousewheel failed as
well.

> So even when the exploit failed it may seriously disturb the windows
> functionality. A massive scan for vulnerable windows systems on the
> net may become the character of a DoS attack even without any
> successful exploit.

Indeed. What a fine day it will be.

--
kokanin

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
