Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Navigation:   Red Security General News News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely

News 

Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely

0 Replies, 1736 Views

Mr.Kurd

   06-12-2020, 08:24 AM
::1 Try me
Administrators
#1
Exclamation 
In The Name Of Allah
Heart  Al-Salam Alekum Heart

[Image: SMBleed.png]

Windows SMB again came back with a nice remote gift for whom care about it xD


Quote:Well, this whole vulnerability deals with SMB messages, and these messages primarily include fields like the number of bytes to address and flags, and thus it accompanied by a variable-length buffer. By crafting this, the messages become quite easy, so this is a perfect tool for exposition.


But there are some variable that contains uninitialized data, and therefore, we put different addition to the compression function that is based on our POC on Microsoft’s WindowsProtocolTestSuites repository.

By adding this will not be sufficient, as POC needs different credentials and a writable share, that are easily accessible in many situations. Still, the bug refers to every sought of the message so that it can get utilized remotely for any authentication.

More importantly, the memory that has leaked is generally related to the earlier allocation in the NonPagedPoolNx pool, as we can manage the allocation size, which implies that the leaked data may come into our control to some extent.



The Soruce
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug News 0 1,818 11-07-2020, 04:13 PM
Last Post: News
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 1,782 11-06-2020, 04:22 AM
Last Post: News
Star News Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wi News 0 1,844 11-01-2020, 06:12 AM
Last Post: News
Star News Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patc News 0 1,921 10-21-2020, 11:27 AM
Last Post: News
Star News US Warns: Hackers Chaining Zerologon, Other Vulnerabilities News 0 1,966 10-11-2020, 01:15 PM
Last Post: News
Star News Joplin 1.0.245 Cross Site Scripting / Code Execution ≈ Packet Storm News 0 1,462 09-29-2020, 07:43 AM
Last Post: News
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 1,620 09-21-2020, 09:26 AM
Last Post: News
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 1,529 09-18-2020, 08:12 AM
Last Post: News
Star News ManageEngine Applications Manager Authenticated Remote Code Execution - CXSecurity.c News 0 1,384 09-06-2020, 01:51 PM
Last Post: News
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 2,037 07-15-2020, 12:28 AM
Last Post: EthelCrife



Users browsing this thread: 1 Guest(s)