hi all, I tested about 50 boxes in our college network, mostly w2k sp4 and XP sp1. Almost all of them gave me shell, a few cases only got down service on port 135. Jacek > > > I've recently been testing dcom.c for pen testing on my network and > the Windows 2000 SP3 and SP4 boxes that I was able to penetrate did > not reboot after exiting from the shell. I was using the dcom.c > that H D Moore released (Based on Flasksky's code) via a cygwin > environment. Therefore, not having the system reboot, in my mind, is > not a sign that an exploit did not take place. > > Now, there could be a matrix of different patch levels that could > cause the system to reboot or not reboot. Who knows why we're getting > different results... > > Is anyone else on the list seeing that at least some of their target > systems are not rebooting after executing this code? > > -Barry > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sat Aug 02 2003 - 10:38:53 PDT