Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

New SMB and DCERPC features on Impacket released with doc

from [Gerardo Richarte] Network Security [Permanent Link]
Subject: New SMB and DCERPC features on Impacket released with doc
Date: Mon, 29 May 2006 15:15:32 -0300 
Hi!

   As we promised in the too short 5 minutes talk at CanSecWest last month, 
here we are publishing a new version of Impacket including all the new features 
we added for SMB and DCERPC. At the same time we are releasing a document 
describing what this new and weird features are, full of examples of how to use 
them, including a crash for MS05-039 (UMPNP remotely exploitable buffer 
overflow), writen in python using this library, which can be used as base for 
other DCERPC exploits and configured in lots of different ways to send 
non-standard and correct trafic.

   Some of the new features are:

   * NMB and SMB (high-level implementations).
   * DCE/RPC versions 4 and 5, over different transports: UDP (version 4 
exclusively), TCP, SMB/TCP, SMB/NetBIOS and HTTP.
   * Multiple ways of doing SMB tree_connect, file open, read, write.
   * SMB "fragmentation", SMB AndX command chaining.
   * Plain, NT and LM v1 authentications, using password and hashes only.
   * Portions of the following DCE/RPC interfaces: Conv, DCOM, EPM, SAMR, 
SvcCtl, WinReg.
   * DCERPC Alternate contexts, Multi-bind requests, Endianness selection
   * DCERPC NT and LM v1 authentication, integrity checking and encryption.
   * DCERPC v4 and v5 fragmentation, DCERPC v4 idempotent requests.

   take a look here:

http://www.corest.com/common/showdoc.php?idx=539&idxseccion=11

   and send feedback, to us

   gera and beto

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • New SMB and DCERPC features on Impacket released with doc, Gerardo Richarte <=
Previous by Date:  Multibyte string validation, Yasuo Ohgaki
Next by Date:  Re: RE: OSSTMM how good is it?, T.Dudek
Previous by Thread:  Multibyte string validation, Yasuo Ohgaki
Next by Thread:  Is there a scam in Security Certifications, adich71
Indexes:  [Date] [Thread] [Top] [All Lists]