Forums: Dcom-scanner For Linux? - Forums

Dcom-scanner For Linux?

#1 User is offline   anal 

  • Private
  • Group: Members
  • Posts: 7
  • Joined: 16-August 03

Posted 17 August 2003 - 02:30 AM

Hi

is there any fast and reliable scanner for the rpc/dcom-vul that is actually in the news?
I tried dcom_scanz but this one is really slow.
There are some good ones for the windows-cl but i need one for linux.
0

#2 User is offline   shaun2k2 

  • Sergeant First Class
  • Group: Specialist
  • Posts: 348
  • Joined: 14-August 03

Posted 17 August 2003 - 09:41 AM

Why not try writing your own? By the looks of it, writing a scanner for the vulnerability is pretty easy providing that you know a programming language, and the sockets library for the language. You can just borrow the malformed requests from another dcom/rpc vulnerability tester, and implement it into your own code.


Thank you for your time.
Shaun.
0

#3 Guest_andariel_*

  • Group: Guests

Posted 18 August 2003 - 12:29 AM

I am new to Linux, I just have installed my mandrake for 2 days.
I think if you update your Nessus, it will support that vuln as well. Or you may find a plugin for DCOM for Nessus.
0

#4 User is offline   anal 

  • Private
  • Group: Members
  • Posts: 7
  • Joined: 16-August 03

Posted 22 August 2003 - 04:02 PM

writing my own is beyond my skills

nessus is an option, but i didn't manage to start it with this msrpc-plugin only.
scanning with all plugins is really time-consuming and not what i want.
maybe some1 can help me here.
0

#5 Guest_andariel_*

  • Group: Guests

Posted 23 August 2003 - 03:04 AM

Can't you use WINE to run the eEye one on Linux?
0

#6 User is offline   maZer`- 

  • Corporal
  • Group: Members
  • Posts: 163
  • Joined: 19-August 03

Posted 24 August 2003 - 08:04 PM

Use wine to run the scanner!
Really fast method to scan dcom is to use scan1000,

Usage:

scan1000.exe -p 135 [ip] [ip]

Copy the results in a textfile!

scanms.exe file=textfile

Have Phun :D
0

#7 User is offline   MxMx 

  • Sergeant First Class
  • Group: Members
  • Posts: 329
  • Joined: 23-August 03

Posted 27 August 2003 - 10:13 AM

maZer`-, on Aug 25 2003, 04:04 AM, said:

Use wine to run the scanner!
Really fast method to scan dcom is to use scan1000,

Usage:

scan1000.exe -p 135 [ip] [ip]

Copy the results in a textfile!

scanms.exe file=textfile

Have Phun :D

mhh i think scanms can't scan ips from a .txt file :blink:
0

#8 User is offline   JFCa 

  • Private
  • Group: Members
  • Posts: 13
  • Joined: 25-August 03

Posted 29 August 2003 - 01:05 AM

Perhaps...

cat textfile | scanms
0

#9 User is offline   anal 

  • Private
  • Group: Members
  • Posts: 7
  • Joined: 16-August 03

Posted 29 August 2003 - 07:15 AM

wine is also no option ... my linux-sys is a p90 with a lame VGA-adapter :(

the point behind my question is that i try to write a bash-script that scans random ip-addresses and tries to exploit them :)
so all i need is a linux program that checks if a host is vul or not
0

#10 User is offline   x80 

  • Private
  • Group: Members
  • Posts: 5
  • Joined: 22-September 03

Posted 25 September 2003 - 05:05 AM

example: nmap -sT -p 135 -oG scan.txt 192.168.168.1/24

scans ips 192.168.168.1 - 192.168.168.255 and logs to the file scan.txt which can be found in your home dir

you can use /8 or /16 or /24 depending on what your network is running subnet wise
0

#11 Guest_mant_*

  • Group: Guests

Posted 02 January 2004 - 02:11 PM

Hehehhee..

http://www.k-otik.co...2_scanner.c.php

Thar ya go.. it's a bit skiddy, but it'll do the job if you're just trying to locate vulnerable machines. eEye has a great one that runs on Windows if you're into that.
0

#12 User is offline   predx 

  • Private First Class
  • Group: Members
  • Posts: 108
  • Joined: 03-December 03

Posted 03 January 2004 - 06:12 AM

yeah i seen one on packetstorm but it might be the one listed above.
0

#13 User is offline   va23boam 

  • Private
  • Group: Members
  • Posts: 1
  • Joined: 10-October 04

Posted 16 April 2005 - 01:13 AM

does anyone know of a ntpass or ipc scanner that runs under linux fedora core 3?
0
