12 matches found
Makin - Reveal Anti-Debugging Tricks
makin is to make initial malware assessment little bit easier, It helps to reveal a debugger detection techniques used by a sample. Supports x64 and x86 How does it work? makin opens a sample as a debuggee and injects asho.dll, asho.dll hooks several functions at ntdll.dll library and after...
Microsoft SMB Driver Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18357/info The Microsoft SMB driver is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to create processes that cannot be killed in affected operating systems, potentially denying...
DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service
//////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Data Encryption Systems Ltd. - http://www.deslock.com/ | // // | Data Encryption Systems DESlock+ - 3.2.7 | // /...
DESlock+ 3.2.7 - vdlptokn.sys Local Denial of Service
DESlock+ 3.2.7 - vdlptokn.sys Local Denial of Service //////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Data Encryption Systems Ltd. - http://www.deslock.com/ | /...
DESlock+ 3.2.7 (vdlptokn.sys) Local Denial of Service Exploit
No description provided by source. //////////////////////////////////////////////////////////////////////////////////// // +----------------------------------------------------------------------------+ // // | | // // | Data Encryption Systems Ltd. - http://www.deslock.com/ | // // | Data...
ESET Smart Security 3.0.667.0 Privilege Escalation PoC
Exploit for unknown platform in category dos / poc ====================================================== ESET Smart Security 3.0.667.0 Privilege Escalation PoC ====================================================== -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : ES...
MS Windows (NtClose DeadLock) Vulnerability PoC (MS06-030)
No description provided by source. //////////////////////////////////////////////////////////////////////////////// ///////// MRXSMB.SYS NtClose DEADLOCK exploit/////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //November 19,2005...
Regarding "SMB Invalid Handle Value" - MS06-030. Vulnerability not fixed.
Hi, Just to confirm that Microsoft has not fixed the NtClose/ZwClose DeadLock vulnerability. The bulletin MS06-030 addressed this flaw as "SMB Invalid Handle Value" which is just an euphemism under my point of view. The code added to mrxsmb.sys is just a wrapper in order to avoid the "Invalid...
MS Windows (NtClose DeadLock) Vulnerability PoC (MS06-030)
Exploit for unknown platform in category local exploits ========================================================== MS Windows NtClose DeadLock Vulnerability PoC MS06-030 ==========================================================...
REVERSING MRXSMB.SYS CHAPTER II “NtClose DeadLock”
REVERSING MRXSMB.SYS CHAPTER II “NtClose DeadLock” Rubn Santamarta [email protected] www.reversemode.com May 15, 2006 Abstract Kernel Object Manager is prone to a deadlock situation which could be exploitable making unkillable any process running, complicating its elimination. INDEX...
Microsoft Windows - NtClose DeadLock (MS06-030)
Microsoft Windows - NtClose DeadLock MS06-030 //////////////////////////////////////////////////////////////////////////////// ///////// MRXSMB.SYS NtClose DEADLOCK exploit/////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //Novemb...
Microsoft Windows - NtClose DeadLock (MS06-030)
//////////////////////////////////////////////////////////////////////////////// ///////// MRXSMB.SYS NtClose DEADLOCK exploit/////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //November 19,2005...