Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Trying to detect (check) not to exploit the vulnerability #14

Open
geffrix opened this issue Jun 28, 2020 · 1 comment
Open

Trying to detect (check) not to exploit the vulnerability #14

geffrix opened this issue Jun 28, 2020 · 1 comment

Comments

@geffrix
Copy link

geffrix commented Jun 28, 2020

Hello!, anybody is trying to use this PoC to detect and not to exploit vulnerable systems?
On not vulnerable systems I saw that "physical read primitive" fails, but in vulnerable systems the function "write_srvnet_buffer_hdr(ip, port, data, offset) - smb_compress(sock, compressed_data, 0xFFFFEFFF, dummy_data)" causes a BSOD.
Do you have any ideas to modify the code in order to do a check of the vulnerability without causing a BSOD?

Best regards,
Geffrey
@Mdbset
Copy link

Mdbset commented Jul 3, 2020
edited
Loading

The complexity of creating a vulnerability checker is PoC instability. Obtaining information from the server requires modifying the kernel memory of the OS, which in case of failure will lead to BSOD.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@geffrix @Mdbset