.

0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

<<

vijay2

Full Member
Full Member

Posts: 220

Joined: Wed Mar 28, 2007 6:22 am

Post Tue Sep 08, 2009 7:57 am

0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

For more info

http://g-laurent.blogspot.com/

Looks like a Metasploit module will be added soon for this bug.

http://isc.sans.org/diary.html?storyid=7093&rss

Stay tuned
Last edited by vijay2 on Tue Sep 08, 2009 8:38 am, edited 1 time in total.
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
<<

nightmare44

Newbie
Newbie

Posts: 10

Joined: Mon Jul 13, 2009 7:19 am

Location: Maryland

Post Tue Sep 08, 2009 8:41 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Tested it this morning on my BT VM and works perfectly
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Tue Sep 08, 2009 8:51 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

nice....
<<

nightmare44

Newbie
Newbie

Posts: 10

Joined: Mon Jul 13, 2009 7:19 am

Location: Maryland

Post Tue Sep 08, 2009 8:57 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

MetaSploit module:

http://pastie.org/609407

Also be sure filesharing is enabled in Win7/Vista in Network Connection Center for it to work.
<<

morpheus063

User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Tue Sep 08, 2009 12:55 pm

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Tested and working perfectly fine - :)

Just made a Video capture - (very low resolution - mobile capture) http://www.youtube.com/watch?v=gG1g7f2EKjw
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n
<<

ethicalhack3r

Full Member
Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Tue Sep 08, 2009 1:13 pm

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Works on local machine too. Time to BSOD my girlfriend all night!  ;D
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Tue Sep 08, 2009 1:35 pm

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Metasploit guys already added it into the framework. Tested it on my Vista box - works like a charm.

smb2_negotiate_pidhigh.rb
http://www.anonym.to/?http://trac.metasploit.com/browser/framework3/trunk/modules/auxiliary/dos/windows/smb/smb2_negotiate_pidhigh.rb
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Sep 08, 2009 2:20 pm

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Nice one.. wonder when first patch will be released..
<<

vijay2

Full Member
Full Member

Posts: 220

Joined: Wed Mar 28, 2007 6:22 am

Post Wed Sep 09, 2009 10:24 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Apparently the bug is just for SMB v2 and you can disabled SMB v2 if you are not using it.

More info. on

http://www.petri.co.il/how-to-disable-s ... r-2008.htm

VJ
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
<<

termight

User avatar

Newbie
Newbie

Posts: 26

Joined: Tue Aug 21, 2007 5:50 pm

Location: MARS

Post Tue Dec 22, 2009 1:40 pm

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Hi ALL,
  i'm new to this security business, want i actually do is to secure peremeter devices with firewall but i think it's better to know the treats out there so i can really prepare. my question now is what do i do if i get the source code for this exploite and i want a prove of concept?
most of the source i see is in python and i don't know what to do. i run a linux box and mixture of windows pc's what do i need to compile a python source code.

thanks to anyone who helps and a merry christmas.
Perry
>>There Is Always A Blind Spot In
>>Every Software, It's Up To Us To Find It
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Wed Dec 23, 2009 5:34 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Hi termight,

Python isn't compiled, but run on the fly. On Linux usual execution of a python script would be:
python sourceFile.py [parameters]
(assumes python is installed and binary is in your path)
or
./sourceFile.py [parameters]
(assumes you are in the same directory as the source file)

Hope this helps
<<

termight

User avatar

Newbie
Newbie

Posts: 26

Joined: Tue Aug 21, 2007 5:50 pm

Location: MARS

Post Wed Dec 23, 2009 6:14 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

Hi Andrew,
Thanks for the reply, just a clearification. i'm a fun of milw0rm.com i see alot of exploite there example. http://www.milw0rm.com/exploits/66
how do i compile this

thanks again
>>There Is Always A Blind Spot In
>>Every Software, It's Up To Us To Find It
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Wed Dec 23, 2009 9:16 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

The example you provide looks like it is C, so compiling with gcc would likely be the standard scenario. Plenty of resources to help you out here.
<<

termight

User avatar

Newbie
Newbie

Posts: 26

Joined: Tue Aug 21, 2007 5:50 pm

Location: MARS

Post Wed Dec 23, 2009 9:39 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

;) thanks Andrew, you're the best.. ;)
>>There Is Always A Blind Spot In
>>Every Software, It's Up To Us To Find It
<<

termight

User avatar

Newbie
Newbie

Posts: 26

Joined: Tue Aug 21, 2007 5:50 pm

Location: MARS

Post Wed Dec 23, 2009 9:58 am

Re: 0Day PoC for SMB v2 bug in Vista / Windows 7 / Windows 2008 relaeased

  Hey Andrew,
          would you be my mentor in security,pentesting and defence. cos i really want to study. like i said before i'm into firewalls both ISA and Cisco ASA. currently i have MCSE Security,CCNP,CCDP,CCIE WRITTEN and i've scheduled my lab for April next year. but my problem now is i really LOVE security but netwoking is pulling me off.
  The question i always ask is "after all this security crackers are still able to hack into networks" then why security, i'm even thinking there is nothing called security cos today you're secured tomorrow you are down. i've decided to do the OSCP and OSWP and forget about the CCIE. please advise me.

Thanks
>>There Is Always A Blind Spot In
>>Every Software, It's Up To Us To Find It
Next

Return to News from the Outside World

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software