Nmap Development mailing list archives
smb-smbloris PR
From: Wong Wai Tuck <wongwaituck () gmail com>
Date: Fri, 25 Aug 2017 04:04:19 +0000
Hey list SMBLoris was a high-profile vulnerability that was publicly disclosed in DEFCON 25. It allowed unauthenticated remote users to use up physical memory on the victim machine through SMB, leading to a possible DoS vector. Unfortunately, Microsoft decided that it was something that won't be patched, and hence this script to leverage on this vulnerability was born. In it's current state, it is able to allocate consistently a maximum of around 3GiB (depending on the number of ports you wish to request from), but if more port numbers are used then an issue occurs. More on the issue here [1]. The pull request can be found here [2]. Looking forward to feedback from the community! [1]: http://seclists.org/nmap-dev/2017/q3/127 [2]: https://github.com/nmap/nmap/pull/983 Wai Tuck
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- smb-smbloris PR Wong Wai Tuck (Aug 24)