Microsoft Windows RRAS Service MIBEntryGet Overflow

Posted by deepcore on March 6, 2021 – 3:06 pm

This Metasploit module exploits an overflow in the Windows Routing and Remote Access Service (RRAS) to execute code as SYSTEM. The RRAS DCERPC endpoint is accessible to unauthenticated users via SMBv1 browser named pipe on Windows Server 2003 and Windows XP hosts; however, this module targets Windows Server 2003 only. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« e107 CMS 2.3.0 Cross Site Request Forgery Fluig 1.7.0 Path Traversal »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Microsoft Windows RRAS Service MIBEntryGet Overflow

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL