GSecur
Sep 18 2003, 04:40 AM
I believe the confusion of this post could have been prevented if members put a bit longer of an explanation when they post.
All it takes are a few additional seconds, and then we can all understand each other.
incitatus
Sep 17 2003, 11:23 AM
Does anyone knows an rpc v2 exploit working from a linux platform?
chrispen
Sep 17 2003, 02:45 PM
Dragoon_BPM
Sep 17 2003, 03:01 PM
RPC is a winblows service... there is not RPC service on linux, so no vuln to exploit..
incitatus
Sep 17 2003, 03:18 PM
i know it`s for winbugs only ... but i just wanted to know if there`s an exploit, source or compiled on a linux platform.. to exploit a windows machine
I think it exist one for the first rpc vuln.
i wanted to try it ... but i had the worm before so i patched my machine
Dragoon_BPM
Sep 17 2003, 11:51 AM
LOL
Dillinja
Sep 17 2003, 02:33 PM
'friad not incitatus. Not unless your running windows on vmware on Linux.
Moved to beginners section.
thatsmej
Sep 17 2003, 06:59 PM
| QUOTE (incitatus @ Sep 17 2003, 03:18 PM) |
i know it`s for winbugs only ... but i just wanted to know if there`s an exploit, source or compiled on a linux platform.. to exploit a windows machine
I think it exist one for the first rpc vuln.
i wanted to try it ... but i had the worm before so i patched my machine |
rpc v1 exploit was first released as linux exploit
rpc v2 never seen an linux exploit
Ripper
Sep 17 2003, 08:43 PM
chrispen: what's that? is that a new dcom exploit or what??!
share plz
riddler
Sep 17 2003, 10:09 PM
I might be wrong but ummmm linux does have RPC there is all kinds of RPC.samba and that crap for linux so linux does use some RPC just doesnt work like windows
charon255
Sep 17 2003, 10:22 PM
Indeed Linux, Solaris, et al, have RPC It is most commonly referred to as the portmapper in the *nix world. Normally found on 111/tcp and 111/udp.
There have been many *nix vulns in the past, "sadmind" comes to mind (no pun), rpc.statd, and others. Microsoft isn't the only sw vendor to leave this door hanging open...
C
incitatus
Sep 18 2003, 03:28 AM
yeah.... rpc.mountd is a good example of a rpc on linux ...
anyways.... "hacking" windows it's goot... but linux server are better
hope we'll see a openssh <= 3.7 exploit soon
btw.. does anyone have the nfs.c (rpc.mount) for linux compiled? It compiles on a gcc 2.95.4 ... witch i don't have it and if you guys have the binary please poste it because i don't want to install gcc 2.95.4 just 4 that...
thanx
thatsmej
Sep 18 2003, 07:45 AM
| QUOTE (GSecur @ Sep 18 2003, 04:40 AM) |
I believe the confusion of this post could have been prevented if members put a bit longer of an explanation when they post.
All it takes are a few additional seconds, and then we can all understand each other. |
or if some ppl read better..
the posts sais "from linux" not to exploit linux..
i rest my case
incitatus
Sep 18 2003, 11:01 AM
thatsmej it's right...
in my first post, i was asking 4 if anyone have seen the dcom2 exploit COMPILED on a linux platfor... I mean.. executed from linux to exploit a windows machine...
But i had some replys like rpc "dcom" it's only for windos... i know that
if i made a mistake... pls excuse me but i'm not sure i did
incitatus
Sep 18 2003, 09:16 PM
Anyways ... the dcom2 exploit compiled on linux it was made
http://packetstormsecurity.nl/0309-exploit...S03-039-linux.c
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
