Windows 7/Server 2008 R2 SMB client infinite loop

There are very few exploits available for Windows 7 and Windows Server 2008. The SMB client infinite loop is one such vulnerability that causes a system crash. This vulnerability will not provide any session or shell connectivity, but it is worth discussing. We will deal with the DLL injection flaw in Windows 7 in the Understanding the Windows DLL injection flaws recipe.

The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via an SMBv1 or SMBv2 response packet. The packet contains an incorrect length value in a NetBIOS header or an additional length field ...
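A defender can check captured server responses for the framing inconsistency described above. The following is an added example, not code from the book: it assumes direct-TCP (port 445) framing, where the NetBIOS header is one type byte followed by a 24-bit big-endian length, and the names `frame` and `scan_stream` and all sample bytes are constructed for illustration.

```python
# Walk a reassembled server-to-client byte stream and report frames whose
# NetBIOS header disagrees with the bytes that actually follow it.
SMB_MAGICS = {b"\xffSMB": "SMBv1", b"\xfeSMB": "SMBv2"}
SESSION_MESSAGE = 0x00
KEEPALIVE = 0x85  # legitimate zero-length NetBIOS keep-alive


def frame(payload: bytes) -> bytes:
    """Build a correctly framed message (used only for the sample data)."""
    return bytes([SESSION_MESSAGE]) + len(payload).to_bytes(3, "big") + payload


def scan_stream(buf: bytes):
    """Return a list of (offset, finding) tuples; empty means consistent."""
    findings = []
    off = 0
    while off < len(buf):
        remaining = len(buf) - off
        if remaining < 4:
            # Bytes after the last frame that cannot even form a header.
            findings.append((off, "trailing-bytes"))
            break
        msg_type = buf[off]
        declared = int.from_bytes(buf[off + 1:off + 4], "big")
        if msg_type == KEEPALIVE and declared == 0:
            off += 4
            continue
        if msg_type != SESSION_MESSAGE:
            findings.append((off, "bad-type"))
            break
        if declared > remaining - 4:
            # Header promises more data than the stream holds. On a live
            # capture this can also mean the capture was cut short.
            findings.append((off, "length-overrun"))
            break
        if buf[off + 4:off + 8] not in SMB_MAGICS:
            findings.append((off, "not-smb"))
            break
        off += 4 + declared  # always advances by at least 4 bytes
    return findings


# Constructed sample: an SMB2 magic followed by zero padding (64 bytes).
SAMPLE = b"\xfeSMB" + bytes(60)
GOOD = frame(SAMPLE) + frame(SAMPLE)
WRONG_LENGTH = b"\x00" + (len(SAMPLE) + 16).to_bytes(3, "big") + SAMPLE
EXTRA_FIELD = frame(SAMPLE) + (64).to_bytes(4, "big")
```

Any non-empty result is a reason to inspect the server or the network path that produced the response.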
