Windows SMBv3 0Day PoC DoS Exploit Released http://ow.ly/8VsP509cwVJ
Interesting. What exactly did you do after launching the browser to trigger the bug?
-
-
I only went to a webpage that I set up that include the img tag with src="\\[ip]\x.git" . Here is a pcap : https://isc.sans.edu/diaryimages/smbhttpexploit.pcap …
-
Right on. I can confirm that IMG works! IFRAME, didn't, A HREF didn't, etc. Excellent work!
End of conversation
New conversation -
-
-
the pcap shows the HTTP request downloading the html file with img tag, then the outbound SMB connection.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.