Nmap Development mailing list archives

smb-smbloris PR


From: Wong Wai Tuck <wongwaituck () gmail com>
Date: Fri, 25 Aug 2017 04:04:19 +0000

Hey list

SMBLoris was a high-profile vulnerability that was publicly disclosed in
DEFCON 25. It allowed unauthenticated remote users to use up physical
memory on the victim machine through SMB, leading to a possible DoS vector.
Unfortunately, Microsoft decided that it was something that won't be
patched, and hence this script to leverage on this vulnerability was born.

In its current state, it is able to allocate consistently a maximum of
around 3GiB (depending on the number of ports you wish to request from),
but if more port numbers are used then an issue occurs. More on the issue
here [1].

The pull request can be found here [2]. Looking forward to feedback from
the community!

[1]: http://seclists.org/nmap-dev/2017/q3/127
[2]: https://github.com/nmap/nmap/pull/983

Wai Tuck
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/