I have been playing around with RPC using RpcView and Process Hacker. Listing down all open handles in process hacker for a service running as SYSTEM shows me that a handle to \NamedPipe\dbxsvc is opened and this name pipe is accessible by everyone.
On other hand, using RpcView to view this name pipe just returns everything and it doesn't even contain the application dbxsvc.exe in interface list.
It seems to me that there is a issue with some sort of exception handling in RpcView where if it encounters any error, it will list all RPC Interface exposed on the system.
Looking into the Named pipes via ObjectExplorer, it seems that it has reached the max number of instances possible for that named pipe. Can that be the reason by RpcView is not able to parse it?
Hi folks,
I have been playing around with RPC using RpcView and Process Hacker. Listing down all open handles in process hacker for a service running as SYSTEM shows me that a handle to \NamedPipe\dbxsvc is opened and this name pipe is accessible by everyone.
On other hand, using RpcView to view this name pipe just returns everything and it doesn't even contain the application dbxsvc.exe in interface list.
It seems to me that there is a issue with some sort of exception handling in RpcView where if it encounters any error, it will list all RPC Interface exposed on the system.
Let me know what you guys think of this