Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RpcView doesnt detect Named pipes #69

Open
0xDivyanshu-new opened this issue Jul 11, 2023 · 1 comment
Open

RpcView doesnt detect Named pipes #69

0xDivyanshu-new opened this issue Jul 11, 2023 · 1 comment

Comments

@0xDivyanshu-new
Copy link

Hi folks,

I have been playing around with RPC using RpcView and Process Hacker. Listing down all open handles in process hacker for a service running as SYSTEM shows me that a handle to \NamedPipe\dbxsvc is opened and this name pipe is accessible by everyone.

Screenshot 2023-07-11 at 09 43 00

On other hand, using RpcView to view this name pipe just returns everything and it doesn't even contain the application dbxsvc.exe in interface list.

Screenshot 2023-07-11 at 09 44 14

It seems to me that there is a issue with some sort of exception handling in RpcView where if it encounters any error, it will list all RPC Interface exposed on the system.

Let me know what you guys think of this
@0xDivyanshu-new
Copy link
Author

Looking into the Named pipes via ObjectExplorer, it seems that it has reached the max number of instances possible for that named pipe. Can that be the reason by RpcView is not able to parse it?

Screenshot 2023-07-11 at 10 01 56

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@0xDivyanshu-new