0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Viewing 20 reply threads
  • Author
    Posts
    • #4247
      vijay2
      Participant

      For more info

      http://g-laurent.blogspot.com/

      Looks like a Metasploit module will be added soon for this bug.

      http://isc.sans.org/diary.html?storyid=7093&rss

      Stay tuned

    • #26917
      nightmare44
      Participant

      Tested it this morning on my BT VM and works perfectly

    • #26918
      Jhaddix
      Participant

      nice….

    • #26919
      nightmare44
      Participant

      MetaSploit module:

      http://pastie.org/609407

      Also be sure filesharing is enabled in Win7/Vista in Network Connection Center for it to work.

    • #26920
      morpheus063
      Participant

      Tested and working perfectly fine – 🙂

      Just made a Video capture – (very low resolution – mobile capture) http://www.youtube.com/watch?v=gG1g7f2EKjw

    • #26921
      ethicalhack3r
      Participant

      Works on local machine too. Time to BSOD my girlfriend all night!  ;D

    • #26922
      KrisTeason
      Participant

      Metasploit guys already added it into the framework. Tested it on my Vista box – works like a charm.

      smb2_negotiate_pidhigh.rb
      http://www.anonym.to/?http://trac.metasploit.com/browser/framework3/trunk/modules/auxiliary/dos/windows/smb/smb2_negotiate_pidhigh.rb

    • #26923
      UNIX
      Participant

      Nice one.. wonder when first patch will be released..

    • #26924
      vijay2
      Participant

      Apparently the bug is just for SMB v2 and you can disabled SMB v2 if you are not using it.

      More info. on

      http://www.petri.co.il/how-to-disable-smb-2-on-windows-vista-or-server-2008.htm

      VJ

    • #26925
      termight
      Participant

      Hi ALL,
        i’m new to this security business, want i actually do is to secure peremeter devices with firewall but i think it’s better to know the treats out there so i can really prepare. my question now is what do i do if i get the source code for this exploite and i want a prove of concept?
      most of the source i see is in python and i don’t know what to do. i run a linux box and mixture of windows pc’s what do i need to compile a python source code.

      thanks to anyone who helps and a merry christmas.
      Perry

    • #26926
      RoleReversal
      Participant

      Hi termight,

      Python isn’t compiled, but run on the fly. On Linux usual execution of a python script would be:
      python sourceFile.py [parameters]
      (assumes python is installed and binary is in your path)
      or
      ./sourceFile.py [parameters]
      (assumes you are in the same directory as the source file)

      Hope this helps

    • #26927
      termight
      Participant

      Hi Andrew,
      Thanks for the reply, just a clearification. i’m a fun of milw0rm.com i see alot of exploite there example. http://www.milw0rm.com/exploits/66
      how do i compile this

      thanks again

    • #26928
      RoleReversal
      Participant

      The example you provide looks like it is C, so compiling with gcc would likely be the standard scenario. Plenty of resources to help you out here.

    • #26929
      termight
      Participant

      😉 thanks Andrew, you’re the best.. 😉

    • #26930
      termight
      Participant

        Hey Andrew,
                would you be my mentor in security,pentesting and defence. cos i really want to study. like i said before i’m into firewalls both ISA and Cisco ASA. currently i have MCSE Security,CCNP,CCDP,CCIE WRITTEN and i’ve scheduled my lab for April next year. but my problem now is i really LOVE security but netwoking is pulling me off.
        The question i always ask is “after all this security crackers are still able to hack into networks” then why security, i’m even thinking there is nothing called security cos today you’re secured tomorrow you are down. i’ve decided to do the OSCP and OSWP and forget about the CCIE. please advise me.

      Thanks

    • #26931
      RoleReversal
      Participant

      Hi Termight,

      humbled by the request, but I’m still just learning this stuff myself. But keep asking intelligent questions around here and I’ll likely be around to help when and where I can.

      I wouldn’t give up on the Cisco certs completely, partly because it is easier to secure/compromise a network if you have an indepth understanding of a network, and partly because there is some really good money available if you can get your CCIE.

      But at the same time I would also suggest the OSCP, is a brilliant course and will/would-have answered the queries you’ve had today, plus a whole lot more.

      Andrew

    • #26932
      Kev
      Participant

      Sorry Termight but he promised to be my mentor first!  I like that name termight or termite.  A termite has an amazing way to tunnel in and own a house or wood.  Wood being a vulnerable place, block being a little more secure.  Very good.

    • #26933
      termight
      Participant

      Hi Kev,
       thanks for the compliment on my name. actually i choose the name termight cos of the insect termite but wanted a different way to spell it.
      Termites are the best networks and tunnel drillers in this world. also it’s hard to get them during the day only at night or till the day they’ll break down your house. lol  ;D.
      and about the mentoring we can both share one master and be the best team mates. think abt it. i can also help you in Cisco and Microsoft stuff.

    • #26934
      termight
      Participant

      Hi Andrew,
        Does it means CCIE pays more than security? if yes then after my CCIE R&S i’ll pursue the CCIE security track. Also thank you very much for the advise. Merry Christmas.

      to all who read this Merry Christmas.

    • #26935
      hayabusa
      Participant

      I’d say the pay comes with the experience and the specific position, but in general, CCIE’s make excellent money, from employers looking for the cert.  That said, Security knowledge can be equally valuable, in the right markets.  It’s all about choice, where you want your career to go, and who you want to work with / for.

      Regards.

    • #26936
      RoleReversal
      Participant

      Hi Termight,

      I didn’t say that CCIE pays more than security, don’t have the knowledge or stats to back that up. But from anecdotal evidence you’ll likely find it easier to convince non-technical HR/Management/organisations to pay big bucks for a ‘network guy’ than a ‘security guy’. Just business mentality. But as Hayabusa states, where/what do you want to work can be more important in the long run than who will pay the most money. Plenty of factors to consider.

Viewing 20 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?