RPC backdoor: implementing and detecting a backdoor
DCE/RPC (Distributed Computing Environment / Remote Procedure Call) is a protocol that is often used in the enterprise. And with good reason: it’s at the heart of Active Directory and Microsoft environments. The extensions added by Microsoft form MSRPC. How DCE/RPC works Note that there are other well-known remote procedure call systems, such as gRPC (Google implementation) — which is based on a modern stack (HTTP/2 + Protobuf). ...