Windows SMBv3 Zero Day Vulnerability

Introduction: A buffer overflow vulnerability in SMBv3 was made public on Feb 12017, by Laurent Gaffie. The CVE-ID is CVE-2017-0016. A PoC for the same is also available here. The bug affects Windows 2012, Server 2016 and Windows 10. At the moment the PoC only demonstrates DoS attack on the target, we are not sure … Continue reading “Windows SMBv3 Zero Day Vulnerability”

Exploiting Buffer Overflow Vulnerability In Boxoft WAV

Abstract While analyzing exploits for ThreatPROTECT, I came across a proof of concept (PoC) for Boxoft WAV to MP3 Converter that creates a message box on older windows systems. So I decided to pimp-it-up so that it can be converted into a robust exploit which will work on all modern Windows operating systems, demonstrating that the … Continue reading “Exploiting Buffer Overflow Vulnerability In Boxoft WAV”