Ncacn_http Exploit Site

It wasn't the payload that bothered her. It was the protocol .

“That’s impossible,” she muttered. The company had spent two million dollars locking down SMB, blocking RPC direct ports, even micro-segmenting the domain controllers. But ncacn_http was the wolf in sheep’s clothing. It let RPC masquerade as a normal web request. And if an attacker had figured out how to weaponize it… ncacn_http exploit

NCACN over HTTP. Microsoft’s remote procedure call, wrapped in web traffic to traverse firewalls. It wasn't the payload that bothered her