I would also like to know, since I though the remote computer would experience some
sort of DoS instead of exploitation if the wrong return address was used.
On Mon, 28 Jul 2003 22:20:20 +0200
Knud Erik Højgaard <[EMAIL PROTECTED]> wrote:
> morning_wood wrote:
> [snip]
> > THIS IS NOT THE CASE..
morning_wood wrote:
[snip]
> THIS IS NOT THE CASE...
> this .bat works perfect...
So somehow running the exploit from a .bat file with some shameless
selfpromotion makes svchost _not_ crash upon hitting a wrong return address?
Would you care to elaborate on how you pull that off?
--
kokanin
___
- Original Message -
From: "john" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 28, 2003 7:42 AM
Subject: [Full-Disclosure] dcom exploit code observations
> Downloaded the revised exploit code by HD moore and got it compiled on a
> linux box
More observations:
After exploiting a windows 2000 SP3 system the "PASTE" function is not
working anymore. The "COPY" and "CUT" functions appear to work but
paste is grayed out, and even CTRL+V doesn't work. Also you can't move
files or folders around within the Explorer shell window. Is this
ha
Downloaded the revised exploit code by HD moore and got it compiled on a
linux box.
There seems to either be some flaws in the exploit code or just a
general instability of the rpc service.
If the code is run against a vulnerable box and the right SP level
setting is not correct it crashes the rp