Search the Community
Showing results for tags 'microsoft'.
Found 1 result
Hello everyone! I'm new here, and this is my first post, but I've been studying security on and off for some time. Currently I'm a student studying IT, and working as a sysadmin. I'm looking to get into the security field, and I hope to become a vaulable member of this community! Through some reading, I've determined that RPC endpoints are a vulnerable point in Windows systems; but I'm not sure why. I'm also not certain what they are used for. I ran a python script I found from CORE security (https://code.google.com/p/impacket/source/browse/trunk/examples/rpcdump.py?r=246) to enumerate RPC endpoints one of my Windows boxes. Looking at the output, I can't determine much. It looks like a lot of UUIDs, and a bunch of information I can't really make much of (ex: Version: 1, Annotation: Impl friendly name, StringBindings: ncalrpc:[Audiosrv], etc.). Has anyone used rpcdump.py before, or any other tool to enumerate RPC endpoints? What are the purpose of endpoints, and what makes them a vulnerability (I'm assuming you can eventually gain an RPC session using them)? Thanks for any help/guidance!