[framework] DCE/RPC in Metasploit
bmc at shmoo.com
Sun Dec 17 17:39:20 CST 2006
On Dec 15, 2006, at 5:53 PM, Krpata, Tyler wrote:
> It's probably partly your code that I, err, "borrowed" then... :)
NDR.long(8) + NDR.long(0) + NDR.long(8) + "\\\x00\\\x00P\x00W\x00N

BTW, this is bad form; it's trivial for lame IDS signature writers to
trigger off of and claim they provide protection.

Is equiv to:

NDR.long(payload.length/2) + NDR.long(0) + NDR.long(payload.length/2) + payload
The bit you commented "not sure what this does" is for handling the
"did I exploit the box" conditions for one of the DCERPC exploits.
You should replace that chunk of code with what the service returns
on success or failure of your exploit.
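The NDR layout the two fragments above share (max count, offset, actual count, then UTF-16LE data), as an added example that is not code from this mail or from Metasploit; the encoder and a decoder that checks the three counts against the data, rather than keying on a literal such as "PWN", are written here, and the names ndr_long, ndr_wstring and parse_ndr_wstring are assumptions.

```ruby
# Added example, not code from the original mail or from Metasploit.
# Builds the NDR conformant-varying wide string discussed above (max count,
# offset, actual count, UTF-16LE data) and parses one back, checking that the
# three counts agree with the data instead of matching a literal like "PWN".
# ndr_long, ndr_wstring and parse_ndr_wstring are names assumed here.

# NDR "long": 32-bit little-endian unsigned integer.
def ndr_long(v)
  [v].pack('V')
end

# Counts are in 16-bit characters, which is why the mail divides by 2.
def ndr_wstring(str)
  payload = str.encode('UTF-16LE').b
  chars = payload.bytesize / 2
  ndr_long(chars) + ndr_long(0) + ndr_long(chars) + payload
end

# Returns the header fields, whether they are self-consistent with the data
# that follows, and the decoded string (only when consistent).
def parse_ndr_wstring(bytes)
  bytes = bytes.b
  return { consistent: false, reason: 'short header' } if bytes.bytesize < 12

  max_count, offset, actual_count = bytes.byteslice(0, 12).unpack('V3')
  data = bytes.byteslice(12, actual_count * 2) || ''.b
  consistent = offset.zero? &&
               max_count == actual_count &&
               data.bytesize == actual_count * 2
  {
    max_count: max_count, offset: offset, actual_count: actual_count,
    consistent: consistent,
    string: consistent ? data.dup.force_encoding('UTF-16LE').encode('UTF-8') : nil
  }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: a UNC-style name, the kind of string these fields carry.
  enc = ndr_wstring("\\\\host\\share")
  puts enc.unpack1('H*')
  p parse_ndr_wstring(enc)
end
```

A detection that parses the structure this way flags a count field that does not match the data, whatever string a particular tool happens to send.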