In-Reply-To: <20030727025321.64988.qmail@web11001.mail.yahoo.com> >One glitch is that the exploitation is not very >stealth. All RPC/COM based functions stop working >completely after exploitation and fail to heal until >the machine is restarted. Many of these functions are >quite visible and easily noticeable(drag&drop, >clipboard, property sheets, etc., for example). This >happens without exception. If the shellcode exit via ExitThread(), RPCSS will not die, everything rock as usual, and you can run the exploit over and over again. sk
