Nmap Development mailing list archives
Re: no windows RPC handling?
From: "Diman Todorov" <diman.todorov () gmail com>
Date: Sun, 3 Aug 2008 13:03:37 +0200
Hi Mike,

On Sun, Aug 3, 2008 at 11:32 AM, mike <dmciscobgp () hotmail com> wrote:
> hello. i was going through some nmap service scans and attempted some enumeration techniques on a standard windows RPC listening 135 socket. i kept firing off packets and was left scratching my head on why i was not getting a valid portmap/bind dump until i realized something. the "RPC" section of code is only for SUNrpc service NOT windows! is anyone aware of this? i tried to locate any handlings for dumping RPC 135 info but could find nothing in nmap for this. i even looked in the scripts and version scan portions. is this ever going to be added? you do realize a portmap call to port 111 is rather different than sending that same request to a 135 windows socket, right? i hope someone can add this
>
> thank you

RPC is a very broad term. All it says is "remote procedure calls". This can obviously be anything, in any format. Over time RPC has come to be synonymous with one or another protocol. The protocol implemented in Nmap is the one described in RFC 1050. Windows does not implement this protocol. In the Windows world there is DCOM, which stands for "Distributed Component Object Model". In a way, this mouthful is also a method for calling procedures remotely. Maybe this is why DCOM is often referred to as "RPC".

Currently there are no efforts to add DCOM support to Nmap; there are various reasons for this. One is that the DCOM protocol specification is not open. Another is that there are practically no legitimate white or gray hat applications for a DCOM grinder (see also [1]).

What we currently are working on is adding XML-RPC support. Since XML-RPC is widely supported on the net (in WordPress for example), it would be one of the more useful features of Nmap. It was planned to release XML-RPC support this autumn but unfortunately the plans didn't work out as planned. In other words, it will be a few more months before Nmap gets a useful XML-RPC endpoint.

If you feel that DCOM support is an essential feature you are very welcome to implement it. We will gladly review your patch (more preferably an NSE script) and include it if it passes our auditing process.

cheers,
Diman

[1] http://www.updatexp.com/dcom-windows-xp.html

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
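The wire-level difference discussed in this message, as an added example that is not part of the original post and is not Nmap code: the Python below builds an ONC RPC version 2 portmapper DUMP call (the Sun RPC family that RFC 1050 describes) and a DCE/RPC connection-oriented header (the framing a Windows port 135 endpoint mapper expects), then classifies the first bytes of a TCP stream as one or the other. Function names and all sample values are constructed for illustration.

```python
import struct

# Portmapper constants (program 100000, version 2, procedure 4 = DUMP).
PMAP_PROG, PMAP_VERS, PMAPPROC_DUMP = 100000, 2, 4
DCE_PTYPE_BIND = 11

def onc_rpc_call(xid, prog, vers, proc):
    """ONC RPC v2 call with AUTH_NONE, framed with TCP record marking."""
    body = struct.pack(">6I", xid, 0, 2, prog, vers, proc)   # msg_type 0=CALL, rpcvers=2
    body += struct.pack(">4I", 0, 0, 0, 0)                   # empty credential and verifier
    return struct.pack(">I", 0x80000000 | len(body)) + body  # high bit: last fragment

def dce_rpc_header(ptype, call_id, frag_len):
    """16-byte connection-oriented DCE/RPC common header, little-endian data rep."""
    drep = b"\x10\x00\x00\x00"
    return struct.pack("<BBBB4sHHI", 5, 0, ptype, 0x03, drep, frag_len, 0, call_id)

def classify(data):
    """Guess which RPC family the first bytes of a TCP stream belong to."""
    if len(data) < 16:
        return {"proto": "unknown"}
    # DCE/RPC: version 5, minor 0 or 1, known PDU type, plausible fragment length.
    if data[0] == 5 and data[1] in (0, 1) and data[2] <= 19:
        endian = "<" if data[4] & 0xF0 == 0x10 else ">"
        frag_len, _auth_len, call_id = struct.unpack(endian + "HHI", data[8:16])
        if frag_len >= 16:
            return {"proto": "dce-rpc", "ptype": data[2],
                    "call_id": call_id, "frag_len": frag_len}
    # ONC RPC: record mark, xid, msg_type, then rpcvers (call) or reply_stat (reply).
    mark, xid, msg_type, third = struct.unpack(">4I", data[:16])
    if (mark & 0x7FFFFFFF) >= 12:
        if msg_type == 0 and third == 2:
            return {"proto": "onc-rpc", "kind": "call", "xid": xid}
        if msg_type == 1 and third in (0, 1):
            return {"proto": "onc-rpc", "kind": "reply", "xid": xid}
    return {"proto": "unknown"}

if __name__ == "__main__":
    dump_call = onc_rpc_call(0x1234, PMAP_PROG, PMAP_VERS, PMAPPROC_DUMP)
    bind_hdr = dce_rpc_header(DCE_PTYPE_BIND, call_id=1, frag_len=72)
    for name, blob in (("portmap DUMP", dump_call), ("DCE/RPC bind", bind_hdr)):
        print(name, blob[:16].hex(), classify(blob))
```

The portmap call starts with a big-endian record mark (`0x80` in the first byte), while a DCE/RPC PDU starts with version byte `5`, so neither parser accepts the other's framing.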