发新话题
打印

[转载]Bypass RPC portmapper filtering security PoC

[转载]Bypass RPC portmapper filtering security PoC

信息来源:邪恶八进制信息安全团队(www.eviloctal.com

What is a portmapper ?
Portmapper is a kind of database that register Remote Procedure Call
services by RPC Services numbers, version numbers, tcp/udp ports, and protocols that have to
be used (tcp or udp or boths). Portmapper always run on port 111 tcp/udp.
When clients want access to a service, they first contact the portmapper, and it tells them
which port they should then contact in order to reach the desired service.
If portmapper is not present or not accessible the request will fail.
The problem with RPC is the weakness of security.
Many security problems have been related for RPC services (unauthorized accesses, overflows,
spoofing etc...).

附件

Bypass RPC portmapper filtering security PoC.rar (450.6 KB)

2008-3-26 02:37, 下载次数: 761

曾几何时,有人对我说:装B遭雷劈。我说:去你妈的。于是,这个人又对我说:如果再说脏话,上帝会惩罚你的。我说:我操上帝。结论:彪悍的人生不需要上帝。

TOP

发新话题