Automating MS-RPC vulnerability research
Microsoft Remote Procedure Call (MS-RPC) is used for inter-process communication on Windows systems. Analyzing its interfaces by hand is slow and complex. This article presents an automated approach that uses fuzzing to identify potential RPC vulnerabilities; it led to the discovery of 9 new vulnerabilities, including CVE-2025-26651, which allows the Local Session Manager service to be crashed remotely. 2025-5-22 12:12:46 Author: www.reddit.com

Microsoft Remote Procedure Call (MS-RPC) is a protocol used within Windows operating systems to enable inter-process communication, both locally and across networks.

Researching MS-RPC interfaces, however, poses several challenges. Manually analyzing RPC services can be time-consuming, especially when faced with hundreds of interfaces spread across different processes and services and accessible through various endpoints.

Today, I am publishing a white paper about automating MS-RPC vulnerability research. This white paper describes how MS-RPC security research can be automated using a fuzzing methodology to identify interesting RPC interfaces and procedures.

By following this approach, a security researcher will hopefully identify interesting RPC services in far less time than a manual approach would take. And so, the tool was put to the test. Using the tool, I was able to discover 9 new vulnerabilities within the Windows operating system. One of the vulnerabilities (CVE-2025-26651) allowed crashing the Local Session Manager service remotely.

Source: https://www.reddit.com/r/netsec/comments/1ksp4m2/automating_msrpc_vulnerability_research/