Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely
#1
Exclamation 
In The Name Of Allah
Heart  Al-Salam Alekum Heart

[Image: SMBleed.png]

Windows SMB again came back with a nice remote gift for whom care about it xD


Quote:Well, this whole vulnerability deals with SMB messages, and these messages primarily include fields like the number of bytes to address and flags, and thus it accompanied by a variable-length buffer. By crafting this, the messages become quite easy, so this is a perfect tool for exposition.


But there are some variable that contains uninitialized data, and therefore, we put different addition to the compression function that is based on our POC on Microsoft’s WindowsProtocolTestSuites repository.

By adding this will not be sufficient, as POC needs different credentials and a writable share, that are easily accessible in many situations. Still, the bug refers to every sought of the message so that it can get utilized remotely for any authentication.

More importantly, the memory that has leaked is generally related to the earlier allocation in the NonPagedPoolNx pool, as we can manage the allocation size, which implies that the leaked data may come into our control to some extent.



The Soruce
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 221 07-15-2020, 12:28 AM
Last Post: EthelCrife
Exclamation News $100,000 Bounty Apple Zero-day Bug in “Sign in with Apple” Let Hackers Take Takeover Mr.Kurd 0 251 06-01-2020, 07:42 AM
Last Post: Mr.Kurd
Star News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial Mr.Kurd 0 293 04-08-2020, 08:43 AM
Last Post: Mr.Kurd
Question News Windows Running MS-SQL Servers Under Attack!! Hackers Installing 10 Secret Backdoors Mr.Kurd 0 246 04-02-2020, 08:38 AM
Last Post: Mr.Kurd
Sad News Critical RCE Bug in WordPress Plugin Let Hackers Gain Admin Access on 200,000 Website Mr.Kurd 0 242 04-01-2020, 11:19 AM
Last Post: Mr.Kurd
Exclamation News Hackers Deliver LimeRAT Malware Using Password Protected Excel Spreadsheet’s Mr.Kurd 0 311 04-01-2020, 11:17 AM
Last Post: Mr.Kurd
Shocked News Hackers Using Zoom’s Popularity in Coronavirus Outbreak to Infect Computers Mr.Kurd 0 346 03-31-2020, 07:36 AM
Last Post: Mr.Kurd
Rainbow News Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi Mr.Kurd 0 312 03-26-2020, 09:03 AM
Last Post: Mr.Kurd
Question News Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Netw Mr.Kurd 0 285 03-25-2020, 08:11 AM
Last Post: Mr.Kurd
Exclamation News Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn Mr.Kurd 0 553 03-24-2020, 07:56 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)