[Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
pk95 at yandex.ru
Mon Oct 13 05:32:37 BST 2003
RE: Re: Bad news on RPC DCOM vulnerabilityThis code doesn't work without shellcode. The simple version of a "battle" shellcode can be found here:
http://www.SecurityLab.ru/_exploits/bshell2 (add user 'a' with pass 'a' in administrator group)
You can change this shellcode as you need.
On system with MS03-39 installed, this code only crash systems, because nature of new vulnerability is not known.
See more: http://www.securitylab.ru/40757.html
----- Original Message -----
From: Mike Gordon
To: full-disclosure at lists.netsys.com
Sent: Monday, October 13, 2003 1:41 AM
Subject: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability
A compiled version is found at http://www.SecurityLab.ru/_exploits/rpc3.zip
But it seems to only crash systems.
Does any one have a clean complile of the "better code" from http://www.cyberphreak.ch/sploitz/MS03-039.txt
-------------- next part --------------
An HTML attachment was scrubbed...
Full-Disclosure is hosted and sponsored by Secunia.