Dailydave mailing list archives
Re: p2psvc.dll idl function definition ambiguities - any ideas?
From: Rich Smith <richard.j.smith () hp com>
Date: Tue, 15 Jan 2008 11:44:34 +0000
Cheers for the pointer to MS download note, while PNRP may have been updated to V2.0 this doesn't reference which MSRPC interfaces have changed. An application version change doesn't mean the constituent MSRPC interfaces are changed per se, and from the unmidl'd p2psvc.dll the version numbers on interfaces a2d47257-12f7-4beb-8981-0ebfa935c407 (pnrpsvc) & 8174bb16-571b-4c38-8386-1102b449044a (IP2pIMSvc) are the same in both versions. Which brings me back to the original question:
If v.2.0 of PNRP has changed the MSRPC interface definitions, why haven't the version numbers on the interfaces been bumped or new UUID's been designated?
idl's of the two versions of the p2psvc.dll are attached if people want to have a peek.
Cheers Rich
Attachment:
p2psvc_xpsp2base_UNMIDL.idl
Description:
Attachment:
p2psvc_xpsp2up2date_UNMIDL.idl
Description:
On 14 Jan 2008, at 19:38, Nicolas RUFF wrote:
I've been playing about with some MSRPC stuff in an effort to improvesome fingerprinting techniques and have come up with some ambiguities in p2psvc.dll that I can't explain - so I was wondering if anyone on list might be able to :)PNRP has been updated to version 2.0 through a Windows Update "recommended" patch. http://www.microsoft.com/downloads/details.aspx?FamilyId=55219164-EC71-4A32-A648-4ED2582EBC7C&displaylang=en Are you sure you are diffing the same version? My .02, - Nicolas RUFF
-- Rich Smith Trusted Systems Lab Hewlett-Packard Labs --Hewlett-Packard Limited registered Office: Cain Road, Bracknell, Berks RG12 1HN
Registered No: 690597 EnglandThe contents of this message and any attachments to it are confidential and may be legally privileged. If you have received this message in error, you should delete it from your system immediately and advise the sender. To any recipient of this message within HP, unless otherwise stated you should consider this message and attachments as "HP CONFIDENTIAL".
--
Attachment:
smime.p7s
Description:
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- p2psvc.dll idl function definition ambiguities - any ideas? Rich Smith (Jan 14)
- Re: p2psvc.dll idl function definition ambiguities - any ideas? Nicolas RUFF (Jan 14)
- Re: p2psvc.dll idl function definition ambiguities - any ideas? Rich Smith (Jan 15)
- Re: p2psvc.dll idl function definition ambiguities - any ideas? Nicolas RUFF (Jan 14)