How can I misuse the information of DCE service enumeration?

Question

Nessus reports almost on any Windows machine "DCE service enumaration". With the metasploit module tcp_dcerpc_auditor I get the following information:

192.168.1.23 - UUID 99fcfec4-5260-101b-bbcb-00aa0021347a 0.0 OPEN VIA 135 ACCESS GRANTED 0000000somelongnumber0000
192.168.1.23 - UUID afa8bd80-7d8a-11c9-bef4-08002b102989 1.0 OPEN VIA 135 ACCESS GRANTED 00000somelongnumber0000

In the nessus finding it says it could be used for information gathering. But how exactly? Is there a way to use the UUID?

score 5 · Accepted Answer · answered Jul 09 '13 at 12:58

5

Check this out. An attacker can see what services are running on the machine. This information can be very useful for planning and launching an attack.

answered Jul 09 '13 at 12:58

Four_0h_Three

1,225
2
8
13

How can I misuse the information of DCE service enumeration?

1 Answers1