Full Disclosure mailing list archives
Re: DCOM RPC exploit failed
From: Knud Erik Højgaard <kain () ircop dk>
Date: Sun, 27 Jul 2003 23:49:25 +0200
Marcus Graf wrote:
I compiled dcom.c on linux and tried it against a Windows 2000 SP4, german version. The exploit failed (maybe I need some offset adjustments for the german version of Win2k) but after that I noticed some malfunctions:
Yes, you do. Load up winhex, edit ram, attach to svchost.exe(either one will do), select kernel32.dll(for portability), click ok, click hex search, enter "FFE4", check "archive blah blah", click ok, click ok, click ok, that thing showing will be a proper return address.
- The windows explorer was not able to perform drag'n drop any more. When I tried to drag a file somewehere nothing happened. - The media player failed. The window came up and closed itself after a few seconds.
yeah, a pain in the ass indeed.
... don't know what else failed...
outlook express will be unable to open messages, and my mousewheel failed as well.
So even when then exploit failed it may seriously disturb the windows functionality. A massive scan for vulnerable windows systems on the net may become the character of an DoS attack even without any successful exploit.
Indeed. What a fine day it will be. -- kokanin _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- DCOM RPC exploit failed Marcus Graf (Jul 27)
- Re: DCOM RPC exploit failed Knud Erik Højgaard (Jul 27)
- <Possible follow-ups>
- Re:DCOM RPC exploit failed Thiago Campos (Jul 27)
- Re: DCOM RPC exploit failed Christopher Kunz (Jul 28)
- RE: DCOM RPC exploit failed Richard Stevens (Jul 28)
- Re: DCOM RPC exploit failed devnull (Jul 28)
- RE: DCOM RPC exploit failed Ben Tyson-Norrman (Jul 28)
- DCOM RPC exploit failed test test (Jul 28)
