Metasploit mailing list archives
An IDL compiler in PERL ...
From: nicolas.ruff at gmail.com (Nicolas RUFF)
Date: Fri, 14 Oct 2005 16:47:42 +0200
Hello everybody,

A suggestion for Metasploit guru developers: instead of integrating RPC marshalling code inside exploits (ex. ms05_039 using Ndr* functions), it could be easier to integrate this code in a separate library, because there are other interesting RPC bugs to be exploited (namely, ms05_043).

The Holy Grail would be an IDL compiler in PERL ...

For instance, given the following RPC call reversed by MUDDLE or UNMIDL:

    long Function_00(
        [in] long element_1,
        [in] [unique] [string] wchar_t *element_2,
        [in] long element_3,
    );

It would be really cool (and cleaner than using $data_stub = "\x00\x01\x02\x03 ..."; syntax) to be able to call Function_00 with the following syntax:

    RpcCall( <idl full description>, <function name or number>, <arguments list> );

Sorry boys, but I am not good enough at PERL and RPC marshalling to do it myself :) But if anybody has any clue ...

Regards,
- Nicolas RUFF
Security Researcher @ EADS-CCR
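The table-driven marshalling the post asks for, as an added example that is not part of the original message or of Metasploit, written in Python rather than Perl: it encodes the arguments of Function_00 as a little-endian NDR stub and decodes a stub again with strict count checks. The parameter table, the kind labels, the names marshal/unmarshal and the referent ID base are assumptions made for illustration.

```python
import struct

# Parameter table transcribed by hand from the IDL in the post (hypothetical kind labels).
FUNCTION_00 = [("element_1", "long"), ("element_2", "unique_wstring"),
               ("element_3", "long")]

def marshal(params, args):
    """Encode args as a little-endian NDR request stub."""
    if len(args) != len(params):
        raise ValueError("argument count does not match the IDL")
    buf = bytearray()
    for i, ((_name, kind), value) in enumerate(zip(params, args)):
        buf += b"\x00" * (-len(buf) % 4)     # every item here is 4-byte aligned
        if kind == "long":
            buf += struct.pack("<l", value)
        elif value is None:
            buf += struct.pack("<L", 0)      # NULL [unique] pointer
        else:
            chars = (value + "\x00").encode("utf-16-le")
            count = len(chars) // 2          # wchar_t count, terminator included
            ref = 0x00020000 + 4 * i         # constructed non-zero referent ID
            # referent ID, max_count, offset, actual_count, then the characters
            buf += struct.pack("<LLLL", ref, count, 0, count) + chars
    return bytes(buf)

def unmarshal(params, stub):
    """Decode a stub; raise ValueError on truncation or inconsistent counts."""
    pos, out = 0, []
    def take(n):
        nonlocal pos
        if pos + n > len(stub):
            raise ValueError("truncated stub")
        pos += n
        return stub[pos - n:pos]
    for _name, kind in params:
        pos += -pos % 4                      # skip alignment padding
        if kind == "long":
            out.append(struct.unpack("<l", take(4))[0])
        elif struct.unpack("<L", take(4))[0] == 0:
            out.append(None)
        else:
            max_count, offset, actual = struct.unpack("<LLL", take(12))
            if offset != 0 or not 0 < actual <= max_count:
                raise ValueError("inconsistent string counts")
            text = take(actual * 2).decode("utf-16-le")
            if not text.endswith("\x00"):
                raise ValueError("string not NUL-terminated")
            out.append(text[:-1])
    if pos != len(stub):
        raise ValueError("trailing bytes after last parameter")
    return out
```

The decoder's checks on max_count, actual_count and the terminator are the same consistency checks a server-side stub or a protocol inspector should apply before trusting a conformant varying string.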