Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum

News 

Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely

0 Replies, 1688 Views

In The Name Of Allah
Heart  Al-Salam Alekum Heart

[Image: SMBleed.png]

Windows SMB again came back with a nice remote gift for whom care about it xD


Quote:Well, this whole vulnerability deals with SMB messages, and these messages primarily include fields like the number of bytes to address and flags, and thus it accompanied by a variable-length buffer. By crafting this, the messages become quite easy, so this is a perfect tool for exposition.


But there are some variable that contains uninitialized data, and therefore, we put different addition to the compression function that is based on our POC on Microsoft’s WindowsProtocolTestSuites repository.

By adding this will not be sufficient, as POC needs different credentials and a writable share, that are easily accessible in many situations. Still, the bug refers to every sought of the message so that it can get utilized remotely for any authentication.

More importantly, the memory that has leaked is generally related to the earlier allocation in the NonPagedPoolNx pool, as we can manage the allocation size, which implies that the leaked data may come into our control to some extent.



The Soruce
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug News 0 1,702 11-07-2020, 04:13 PM
Last Post: News
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 1,667 11-06-2020, 04:22 AM
Last Post: News
Star News Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wi News 0 1,723 11-01-2020, 06:12 AM
Last Post: News
Star News Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patc News 0 1,805 10-21-2020, 11:27 AM
Last Post: News
Star News US Warns: Hackers Chaining Zerologon, Other Vulnerabilities News 0 1,851 10-11-2020, 01:15 PM
Last Post: News
Star News Joplin 1.0.245 Cross Site Scripting / Code Execution ≈ Packet Storm News 0 1,410 09-29-2020, 07:43 AM
Last Post: News
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 1,570 09-21-2020, 09:26 AM
Last Post: News
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 1,475 09-18-2020, 08:12 AM
Last Post: News
Star News ManageEngine Applications Manager Authenticated Remote Code Execution - CXSecurity.c News 0 1,336 09-06-2020, 01:51 PM
Last Post: News
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 1,980 07-15-2020, 12:28 AM
Last Post: EthelCrife



Users browsing this thread: 1 Guest(s)