Thread-topic: New SMB and DCERPC features on Impacket released with doc
> -----Original Message-----
> From: Gerardo Richarte [mailto:lists@xxxxxxxxxxxx]
> Sent: Monday, May 29, 2006 10:16 PM
> To: bugtraq@xxxxxxxxxxxxxxxxx; sectools@xxxxxxxxxxxxxxxxx;
> focus-ids@xxxxxxxxxxxxxxxxx; pen-test@xxxxxxxxxxxxxxxxx;
> nmap-hackers@xxxxxxxxxxxx
> Subject: New SMB and DCERPC features on Impacket released with doc
>
> Hi!
>
> As we promised in the too-short 5-minute talk at
> CanSecWest last month, here we are publishing a new version
> of Impacket including all the new features we added for SMB
> and DCERPC. At the same time we are releasing a document
> describing what these new and weird features are, full of
> examples of how to use them, including a crash for MS05-039
> (UMPNP remotely exploitable buffer overflow), written in
> Python using this library, which can be used as a base for
> other DCERPC exploits and configured in lots of different
> ways to send non-standard and correct traffic.
>
> Some of the new features are:
>
> * NMB and SMB (high-level implementations).
> * DCE/RPC versions 4 and 5, over different transports:
> UDP (version 4 exclusively), TCP, SMB/TCP, SMB/NetBIOS and HTTP.
> * Multiple ways of doing SMB tree_connect, file open, read, write.
> * SMB "fragmentation", SMB AndX command chaining.
> * Plain, NT and LM v1 authentications, using password and
> hashes only.
> * Portions of the following DCE/RPC interfaces: Conv,
> DCOM, EPM, SAMR, SvcCtl, WinReg.
> * DCERPC Alternate contexts, Multi-bind requests,
> Endianness selection
> * DCERPC NT and LM v1 authentication, integrity checking
> and encryption.
> * DCERPC v4 and v5 fragmentation, DCERPC v4 idempotent requests.
>
> take a look here:
>
> http://www.corest.com/common/showdoc.php?idx=539&idxseccion=11
>
> and send feedback, to us
>
> gera and beto
>
>