MS04-007 scanner

Chris Russel russel at
Mon Feb 16 19:03:29 GMT 2004

Hi Folks,

I havn't seen a fast free scanner for this vulnerability yet so here is
one I hacked together using parts found on this list, so I figured it is
only fair to put it up too.  It does our class B in a few minutes on a
P2/300 (Linux) with 100 threads running:

cat subnets-main | xargs 007scan -p 100 > results

It is based on a modified version of the UConn dcom/rpc scanner. Does the
same test as the NTLM nessus plugin.  Should also run on solaris but I
have not tested it.

I am still awaiting info regarding it's accuracy but so far it looks good.
Please let me know any comments.

Chris Russel
Manager, CNS Information Security
York University, Toronto, Canada
russel at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 007scan.c
Type: text/x-csrc
Size: 11900 bytes
Url :

More information about the unisog mailing list