[Full-Disclosure] Reproducing the MS DCE-RPC DOS.

From: Joe Testa (Joe_Testaat_private)
Date: Sun Oct 20 2002 - 14:44:15 PDT

Next message: Martin Schulze: "[SECURITY] [DSA 180-1] New NIS packages fix information leak"

Previous message: ppp-design: "[Full-Disclosure] Re: [VulnWatch] NOCC: XSS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Attached to this e-mail is a Java program and a data file which can be used
to manually reproduce the DCE-RPC DOS from SPIKE v2.7.

Compile it first with:
$ javac EtherealReplay.java

Then run it with:
$ java EtherealReplay 192.168.x.x 135 < windows_rpc_kill

You may need to wait a few seconds before noticing that port 135 is dead.

As its name suggests, this program replays an Ethereal TCP Stream to a
specified endpoint.  So this little tool may come in handy for other things
as well...


    - Joe Testa, Rapid 7, Inc.
    http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x02B00839
    A145 B158 2CA7 00A2 BAE8  4A18 57E5 18E0 02B0 0839


(See attached file: goodies.tar.gz)(See attached file: goodies.tar.gz.sig)

application/octet-stream attachment: goodies.tar.gz

application/octet-stream attachment: goodies.tar.gz.sig

_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Martin Schulze: "[SECURITY] [DSA 180-1] New NIS packages fix information leak"
Previous message: ppp-design: "[Full-Disclosure] Re: [VulnWatch] NOCC: XSS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Oct 20 2002 - 15:11:43 PDT