52ky posted on 2022-9-11 14:29:15

RPC_DCOM remote overflow tool

Remote Procedure Call (RPC) is a remote procedure call protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly execute code on a remote system. The protocol itself is derived from the RPC protocol of the Open Software Foundation, and Microsoft has added some of its own extensions to it. Because the Windows RPC DCOM interface lacks checking of the message length field, a heap-based overflow occurs, and a remote attacker can exploit these vulnerabilities to execute arbitrary commands on the system with Local System privileges.



