- What is SMB
- What is the attack (and why it works)
- How to use the tool
- How to protect your systems
- Microsoft Windows XP Professional
- Microsoft Windows XP 64-Bit Edition
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Server4.0, Terminal Server Edition
- Microsoft Windows NT Workstation 4.0
The Attack
By sending a specially crafted packet request, an attacker can mount a denial of service attack on the target server machine and crash the system. The attacker could use both a user account and anonymous access to accomplish this. Though not confirmed, it may be possible to execute arbitrary code.To run the attack you can do the following:
1. Download the tool from a ‘trusted’ site. Remember, downloading these tools may cause you serious heartburn if you install a Trojan! Be careful. You can download the SMBDie tool here: DOWNLOAD
2. Next, you need to run it so you can run the attack. Be careful, if you are running AntiVirus software (and actually update it), then the tool will be quarantined immediately. Make sure you run this (like I do) on test systems so you can learn to use them and protect against them. If you run it on your main machine, disable AntiVirus Auto protect.
3. Open the tool as seen below. Enter the IP address / NetBIOS name and run the KILL button. Look over at your server (mine was a .NET test server although it flagged it as XP) and blammo – its toast.
4. If you fix the problem, you wont be able to connect:
0 comments:
Post a Comment