Re: Pen-Test Question: Network Computing Architecture Connection

From: Ivan Arce (ivan.arce@coresecurity.com)
Date: Wed May 05 2004 - 20:19:59 EDT

• Next message: Chan Fook Sheng: "Re: info on dir traversal techniques, any?"
• Previous message: Hidenobu Seki: "Optimized attacking for NTLM authentication"
• In reply to: Jeremy Junginger: "Pen-Test Question: Network Computing Architecture Connection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thats MS RPC over HTTP, some MSRPC-borne exploits might work over
that transport i am not aware of any publicly available but
these references might help you:

http://www.corest.com/common/showdoc.php?idx=393&idxseccion=10
http://oss.corest.com/projects/impacket.html
http://www.eeye.com/html/Research/Advisories/AD20030910.html
http://www.eeye.com/html/Research/Tools/RPCDCOM.html
http://www.microsoft.com/technet/security/bulletin/MS03-039.mspx
http://seclists.org/lists/incidents/2002/Mar/0046.html

-ivan

Jeremy Junginger wrote:

> During the course of a pen-test, I've located a device that gives the
> following response:
>
> ncacn_http/1.0
>
> on port 6001. This looks like Microsoft Network Computing Architecture
> Connection. I was thinking about using rpctools
> (http://razor.bindview.com/tools/desc/rpctools1.0-readme.html). Any other
> tips/tools/suggestions?
>
> -Jeremy
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
> any course! All of our class sizes are guaranteed to be 10 students or less
> to facilitate one-on-one interaction with one of our expert instructors.
> Attend a course taught by an expert instructor with years of in-the-field
> pen testing experience in our state of the art hacking lab. Master the skills
> of an Ethical Hacker to better assess the security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------
>

-- 
---
To strive, to seek, to find, and not to yield.
- Alfred, Lord Tennyson Ulysses,1842
Ivan Arce
CTO
CORE SECURITY TECHNOLOGIES
46 Farnsworth Street
Boston, MA 02210
Ph: 617-399-6980
Fax: 617-399-6987
ivan.arce@coresecurity.com
www.coresecurity.com
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

• Next message: Chan Fook Sheng: "Re: info on dir traversal techniques, any?"
• Previous message: Hidenobu Seki: "Optimized attacking for NTLM authentication"
• In reply to: Jeremy Junginger: "Pen-Test Question: Network Computing Architecture Connection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:53 EDT