Remote Procedure Call (RPC)

RPC, or ‘Remote Procedure Call’ provides a method of causing a subroutine or “procedure” to execute.

The procedure would generally execute on another computer on a network. Operating on Port 135, RPC utilizes a Client/Server model and spans the Transport and Application Layers of the OSI model.

For example, a program running on Computer A would execute code on Computer B over the network. Other services can be called to using Port 111.

MS03-026 is a known RPC exploit that was discovered July 27, 2003. On an un-patched system the crafted RPC request can ultimately allow an attacker to gain full access and execute any code on a victim system.  With an exploited system, an attacker could utilize RPC to perform any action on the victim system including installing programs, viewing changing or deleting data, or creating new accounts with administrator permissions.