Full Disclosure mailing list archives
Re: dcom exploit code observations
From: Preston Newton <preston.newton () equipnetworks com>
Date: 28 Jul 2003 10:37:28 -0500
More observations: After exploiting a windows 2000 SP3 system the "PASTE" function is not working anymore. The "COPY" and "CUT" functions appear to work but paste is grayed out, and even CTRL+V doesn't work. Also you can't move files or folders around within the Explorer shell window. Is this happening on other exploited systems? Just and observation.... Preston On Mon, 2003-07-28 at 09:42, john wrote:
Downloaded the revised exploit code by HD moore and got it compiled on a linux box. There seems to either be some flaws in the exploit code or just a general instability of the rpc service. If the code is run against a vulnerable box and the right SP level setting is not correct it crashes the rpc service and shuts down the port. Restarting the service will bring it back online. If the attack is successful you get a nice pretty windows shell. If you exit the shell the rpc service again crashes. I am sure the code will be revised to eliminate these problems. John _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- dcom exploit code observations john (Jul 28)
- Re: dcom exploit code observations Preston Newton (Jul 28)
- Re: dcom exploit code observations morning_wood (Jul 28)
- Re: dcom exploit code observations Knud Erik Højgaard (Jul 28)
- Re: dcom exploit code observations Shanphen Dawa (Jul 28)
- Re: dcom exploit code observations Knud Erik Højgaard (Jul 28)