Cody Pierce and Aaron Portnoy have released the Msrpc framework for auditing the Microsoft RPC protocol. They presented the tool at DeepSec 2007; it was a good presentation in which they showed us how they analyze RPC. The tool is now available on Google Code.
pymsrpc is an attempt to develop a working library for communicating with remote Microsoft RPC endpoints. It includes an IDL parser and NDR data types for making requests.
The following toolset is recommended by them:
- PyMSRPC consists of the following components:
  - Lexer and Parser
  - A library of NDR objects
  - Utilizes Impacket from CORE for transport
  - Tie-ins for the Sulley Fuzzing Framework