Exploit Windows PC using EternalBlue SMB Remote Windows Kernel Pool Corruption

This module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv!SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with mathematical error where a DWORD is subtracted into a WORD. The kernel pool is groomed so that overflow is… Continue reading →
The post Exploit Windows PC using EternalBlue SMB Remote Windows Kernel Pool Corruption appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/exploit-windows-pc-using-eternalblue-smb-remote-windows-kernel-pool-corruption/