Hello! Is anybody trying to use this PoC to detect, and not to exploit, vulnerable systems?
On non-vulnerable systems I saw that the "physical read primitive" fails, but on vulnerable systems the function "write_srvnet_buffer_hdr(ip, port, data, offset) - smb_compress(sock, compressed_data, 0xFFFFEFFF, dummy_data)" causes a BSOD.
Do you have any ideas on how to modify the code to check for the vulnerability without causing a BSOD?
The complexity of creating a vulnerability checker is the PoC's instability. Obtaining information from the server requires modifying the kernel memory of the OS, which in case of failure will lead to a BSOD.
Hello! Is anybody trying to use this PoC to detect, and not to exploit, vulnerable systems? On non-vulnerable systems I saw that the "physical read primitive" fails, but on vulnerable systems the function "write_srvnet_buffer_hdr(ip, port, data, offset) - smb_compress(sock, compressed_data, 0xFFFFEFFF, dummy_data)" causes a BSOD. Do you have any ideas on how to modify the code to check for the vulnerability without causing a BSOD?
Best regards, Geffrey