AW: Bad news on RPC DCOM2 vulnerability

["Florian Keller" <fkeller () absolute tv>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Use this code: http://www.cyberphreak.ch/sploitz/MS03-039.txt
 
This works fine 4 me… ;).
 
Greets Flo
 
- -----Ursprüngliche Nachricht-----
Von: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] Im Auftrag von Peter 
King
Gesendet: Samstag, 11. Oktober 2003 10:29
An: full-disclosure () lists netsys com
Betreff: Re: [Full-Disclosure] Bad news on RPC DCOM2 vulnerability
 
why those *security* sites keep *exploits* online even when they know that this is an unpatched vuln !!!!
 
personnaly i'd like to test this exploit on my systems, but can't compile it 
http://www.k-otik.com/exploits/10.09.rpc2universal.c.php
 
can anyone post the .exe please, to test our machines ...
 
Cheers.

petard <petard () sdf lonestar org> wrote:
On Fri, Oct 10, 2003 at 07:05:46PM -0500, Bobby Brown wrote:
> So I can "assume" no other information is posted, other than this site, to collaborate the RPC issue is not resolved 
> or should we all try to translate this site using the helpful hints, which they are?
k-otik posted some similar if not identical code, corroborating (to a point anyway) its
effectiveness. (It most likely worked for one of them if they posted it.)

I suggest taking the linked code, compiling it (use MSVC7) and testing it to confirm
for yourself. Please test on a machine that's not connected to the internet, though :-)

HTH,

petard
  _____  

Do you Yahoo!?
The New Yahoo! Shopping - with improved product search

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBP4fUq8cVx+1s2h/BEQIe+gCfbIBU0EG/Oj7Uu17XtcrZvthy0UkAoIKf
8LFGmJWP0pBBKP2TPqOKjHvy
=1RpU
-----END PGP SIGNATURE-----

Attachment: PGPexch.rtf.pgp
Description: