Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Possibly a stupid question RPC over HTTP

From: Roberto Gomez Bolaños <wari00 () gmail com>
Date: Wed, 13 Oct 2004 18:56:06 -0300
Barry Fitzgerald wrote:

Daniel H. Renner wrote:


Daniel,

Could you please point out where you read this data?  I would like to
see this one...
 



I seem to remember that this was one of the caveats with regard to 
MSBlast and RPC/DCOM vulnerabilities last year.

In certain configurations, it was theoretically possible (I'd never 
personally seen any PoC code or worms that exploited it, though) that 
some RPC calls could be made via RPC over HTML.  According to the 


more than theoretically posibly...
u can chek that with the DCE/RPC endpoint dumper program that
is part of the impacket python package:

http://oss.coresecurity.com/projects/impacket.html
http://oss.coresecurity.com/impacket/rpcdump.py

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: