Security Information and Review

Collection of security information and review

Posts Tagged 'smb protocol'

The Latest Microsoft Windows SMB Vulnerability

Author : Admin

In this week, the latest Microsoft Windows vulnerability was reported in several sites or blogs, such as securityfocus site, g-laurent blog and others. In the newer Microsoft Windows operating system comes with a new SMB protocol version, it’s known as SMB2. This vulnerability in Microsoft Server Message Block ( SMB ) implementation with specific at SMB2 negotiate protocol request.

The SMB2 ( Server Message Block v2 ) protocol has been introduced in Microsoft Windows Vista and newer Microsoft Windows operating system. SMB2 comes with significant improving performance and reducing the number of commands and sub commands. … continue reading : The Latest Microsoft Windows SMB Vulnerability.

15 September 2009 at 10:03 - Comments

Microsoft Windows Authentication Spoofing Attack

Author : Admin

The common way to attack Microsoft Windows Sytem is pass through the Windows File and Print Sharing Service, which operates over protocol called SMB ( Server Message Block ). SMB protocol listening on TCP port 445 and 139 ( also known as NetBIOS based service ). An attacker commonly attacked via password guessing on Microsoft Remote Procedure Call ( MSRPC ) listening on TCP port 135, Terminal Services on TCP port 3389 and other services.

 

In this discussion, we will describe how to attack MS Windows System via password guessing and assuming that SMB is accessible. The most effective method for breaking into a Windows System is remote share mounting such as IPC$ or C$. Combination username and password is used to connect to an enumerated share. We will use the net use command like this. … continue reading : Microsoft Windows Authentication Spoofing Attack.

4 July 2009 at 17:55 - Comments