http://praetorianprefect.com Information security, a little slower...a little deeper Thu, 19 Jan 2012 03:59:33 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 http://praetorianprefect.com/archives/2010/01/windows-smb-crash-video/ http://praetorianprefect.com/archives/2010/01/windows-smb-crash-video/#comments Thu, 14 Jan 2010 05:27:07 +0000 Prefect http://praetorianprefect.com/?p=2997 on November 11th, 2009 we confirmed Laurent Gaffié's remote exploit for Windows that causes a kernel crash. The operating system actually freezes creating a denial of service when for example a user is tricked into clicking on a link to a malicious SMB share on a web page. The SMB client goes into an infinite loop when processing this malformed request according to Microsoft. The video below demonstrates this effect, having a user click a web site link and showing the crash.]]> http://praetorianprefect.com/archives/2010/01/windows-smb-crash-video/feed/ 5 http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/ http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/#comments Wed, 11 Nov 2009 21:16:28 +0000 MJP http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/ his blog, demonstrating a much too easy way to remotely crash a Windows 7 or Windows Server 2008 machine. The crash is caused by sending a NetBIOS header which specifies that the SMB packet is 4 bytes smaller or larger than it actually is. In this code sample below, you can see that the header has the length of the packet set to 9a rather than 9e (4 bytes smaller).]]> http://praetorianprefect.com/archives/2009/11/how-to-crash-windows-7-and-server-2008/feed/ 25