kaht2.exe-RPC DCOM Tool
Results 1 to 3 of 3

Thread: kaht2.exe-RPC DCOM Tool

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    239

    kaht2.exe-RPC DCOM Tool

    Hey guys, quick question:

    I downloaded the kaht2.exe program, which, as many of you know, exploits the recent flaw in the way Windows handles RPC commands. The site I got it from is a trusted site known to many of you: securityfocus.com.

    In fact, I think NullDevice also provided the download.

    ANYWAYS, the new definitions for NAV classify it as a "Hacker.Tool.Virus."

    Heh, I doubt it actually is, but is kaht2.exe, a non-gui file, really a virus that causes harm to your own computer? Or does overprotective Norton just deem it simply as a "HackerTool"?

    ThankS
    It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

    Hit it!

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    547
    i used the program to see if any of the computers of my local network were vulnerable and after patching all of them, i noticed that my firewall asked me if i wanted to allow dcom to access the internet but in another range of ip addresses my network ip addres is xxx.xxx.88.xxx and after i clossed the prog it asked me if i whanted to allow Dcom to conect to xxx.xxx.89.xxx on port 135 and i cancelled the acction it seems that stills scanning. i think that it also runs in stealth mode. I wouldn't recommend running that application

  3. #3
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    I personally haven't used that exploit program so I can't comment for sure, but I'd be a little weary of it. I have a recommendation for you, for a tool that I have used and know that it works well and can be trusted. Download the Retina RPC DCOM Vulnerability Scanner from http://www.eeye.com - it will scan your network and report back to you the machines that are vulnerable.. The tool is available for free at this link: http://www.eeye.com/html/Research/Tools/RPCDCOM.html
    - Maverick

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides