Full Disclosure mailing list archives
Re: Running DComCfg remotely...
From: w g <xillwillx () yahoo com>
Date: Sun, 27 Jul 2003 20:09:05 -0700 (PDT)
or you could send a worm out on your network to use the exploit then execute Regedit.exe /s dcom.reg <.snip>dcom.reg Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] "EnableDCOM"="N" </.snip> in case your wondering how to get the dcom.reg onto the computer maybe you can use either ftp tftp or good ole' copy con illwill needs a job as an admin... instead of these whiney bitches who got a admin job because they knew how to send picture in aol before the president of their company did http://illmob.org/rpc/ Duane Maurer <duanerama () hotmail com> wrote: A few obeservations... 1.) I am sick of hearing 'administrators' whining... at least you have a job... 2.) If you deserve the title of 'administrator' (for Windows that is) then you should know by now how to use RegMon from www.SysInternals.com 3.) So, run RegMon and see what key the check box in DComCfg.exe uses... duh... 4.) For those too lazy, or not knowledgable enough... HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\EnableDCOM set this to 'N' (it is of type Reg_SZ) 5.) If you can't change a registry key on all of your machines... you have more problems than I can help you with... and more problems than just an RPC worm... Thank you for your time, Duane Maurer II out of work administrator and developer _________________________________________________________________ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html --------------------------------- Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software
Current thread:
- Running DComCfg remotely... Duane Maurer (Jul 27)
- Re: Running DComCfg remotely... w g (Jul 27)