whitehat9090
commented
4 years ago Hello,I always have the problem " Failed to find low stub in physical memory!" Do you have some suggestion? I hope to receive your rely!
You check if firewall turn off!
Open wanghualei2 opened 4 years ago
whitehat9090
commented
4 years ago Hello,I always have the problem " Failed to find low stub in physical memory!" Do you have some suggestion? I hope to receive your rely!
You check if firewall turn off!
0xFF1E071F
commented
4 years ago Hello,I always have the problem " Failed to find low stub in physical memory!" Do you have some suggestion? I hope to receive your rely!
On target machine, run:
C:\Users\Administrator>netsh advfirewall set allprofiles state off
wanghualei2
commented
4 years ago Hello,I always have the problem " Failed to find low stub in physical memory!" Do you have some suggestion? I hope to receive your rely!
On target machine, run:
C:\Users\Administrator>netsh advfirewall set allprofiles state off
I had set allprofiles state off.It seem low stub is not lie the address
0xFF1E071F
commented
4 years ago Are you using you target machine "Debug mode ON"
Because i am getting the same error when my target machine is set to bcdedit /set debug yes
@chompie1337 any ideas?
chompie1337
commented
4 years ago Hmm, so it seems like it's possible the low stub is not present on the VM. it does a search for it at all physical addresses <1MB. how the VM is configured can affect this but I'm not too sure of the details as there is not much research available about it.
I've tested using VMWare Fusion and VMWare Workstation both BIOS and UEFI using "easy install" setup and it seems to be present in both. Can you describe your testing env?
EDIT: tested the above both in debug mode and non debug mode as well
0xFF1E071F
commented
4 years ago Hmm, so it seems like it's possible the low stub is not present on the VM. it does a search for it at all physical addresses <1MB. how the VM is configured can affect this but I'm not too sure of the details as there is not much research available about it.
I've tested using VMWare Fusion and VMWare Workstation both BIOS and UEFI using "easy install" setup and it seems to be present in both. Can you describe your testing env?
EDIT: tested the above both in debug mode and non debug mode as well
@chompie1337 i have opened a new issue for this: https://github.com/chompie1337/SMBGhost_RCE_PoC/issues/13
wanghualei2
commented
4 years ago Hmm, so it seems like it's possible the low stub is not present on the VM. it does a search for it at all physical addresses <1MB. how the VM is configured can affect this but I'm not too sure of the details as there is not much research available about it. I've tested using VMWare Fusion and VMWare Workstation both BIOS and UEFI using "easy install" setup and it seems to be present in both. Can you describe your testing env? EDIT: tested the above both in debug mode and non debug mode as well
@chompie1337 i have opened a new issue for this: #13
I use the virtualbox.the vmware is failed in win10
Hello,I always have the problem " Failed to find low stub in physical memory!" Do you have some suggestion? I hope to receive your rely!