Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely
#1
Exclamation 
In The Name Of Allah
Heart  Al-Salam Alekum Heart

[Image: SMBleed.png]

Windows SMB again came back with a nice remote gift for whom care about it xD


Quote:Well, this whole vulnerability deals with SMB messages, and these messages primarily include fields like the number of bytes to address and flags, and thus it accompanied by a variable-length buffer. By crafting this, the messages become quite easy, so this is a perfect tool for exposition.


But there are some variable that contains uninitialized data, and therefore, we put different addition to the compression function that is based on our POC on Microsoft’s WindowsProtocolTestSuites repository.

By adding this will not be sufficient, as POC needs different credentials and a writable share, that are easily accessible in many situations. Still, the bug refers to every sought of the message so that it can get utilized remotely for any authentication.

More importantly, the memory that has leaked is generally related to the earlier allocation in the NonPagedPoolNx pool, as we can manage the allocation size, which implies that the leaked data may come into our control to some extent.



The Soruce
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patc News 0 56 10-21-2020, 11:27 AM
Last Post: News
Star News US Warns: Hackers Chaining Zerologon, Other Vulnerabilities News 0 87 10-11-2020, 01:15 PM
Last Post: News
Star News Joplin 1.0.245 Cross Site Scripting / Code Execution ≈ Packet Storm News 0 72 09-29-2020, 07:43 AM
Last Post: News
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 130 09-21-2020, 09:26 AM
Last Post: News
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 139 09-18-2020, 08:12 AM
Last Post: News
Star News ManageEngine Applications Manager Authenticated Remote Code Execution - CXSecurity.c News 0 158 09-06-2020, 01:51 PM
Last Post: News
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 401 07-15-2020, 12:28 AM
Last Post: EthelCrife
Exclamation News $100,000 Bounty Apple Zero-day Bug in “Sign in with Apple” Let Hackers Take Takeover Mr.Kurd 0 408 06-01-2020, 07:42 AM
Last Post: Mr.Kurd
Star News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial Mr.Kurd 0 439 04-08-2020, 08:43 AM
Last Post: Mr.Kurd
Question News Windows Running MS-SQL Servers Under Attack!! Hackers Installing 10 Secret Backdoors Mr.Kurd 0 395 04-02-2020, 08:38 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)