Re: Running DComCfg remotely...

[w g <xillwillx () yahoo com>]

or you could send a worm out on your network to use the exploit then execute
Regedit.exe /s dcom.reg
 
<.snip>dcom.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="N"
</.snip>
in case your wondering how to get the dcom.reg onto the computer maybe you can use either ftp tftp or good ole' copy con
 
illwill
 
needs a job as an admin... instead of these whiney bitches who got a admin job because they knew how to send picture in 
aol before the president of their company did
 
http://illmob.org/rpc/


Duane Maurer <duanerama () hotmail com> wrote:
A few obeservations...

1.) I am sick of hearing 'administrators' whining... at least you have a 
job...

2.) If you deserve the title of 'administrator' (for Windows that is) then 
you should know by now how to use RegMon from www.SysInternals.com

3.) So, run RegMon and see what key the check box in DComCfg.exe uses... 
duh...

4.) For those too lazy, or not knowledgable enough...

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\EnableDCOM set this to 'N' (it is 
of type Reg_SZ)

5.) If you can't change a registry key on all of your machines... you have 
more problems than I can help you with... and more problems than just an RPC 
worm...

Thank you for your time,
Duane Maurer II
out of work administrator and developer

_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


---------------------------------
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software