Nmap Development mailing list archives

Re: NSE Script to exploit the Windows Vista and 7 SMB 2.0 remote BSOD bug?


From: David Fifield <david () bamsoftware com>
Date: Sun, 13 Sep 2009 15:39:16 -0600

On Thu, Sep 10, 2009 at 10:42:54AM -0500, Ron wrote:
> I can trigger the DoS pretty easily, but I'm having trouble telling if
> the server was taken offline. The connect() and send() calls seem to be
> returning the wrong result (a packetlogger tells me that the server
> isn't responding, yet connect() returns true). I've attached the script
> that *should* return the correct results, but it only returns "TEST!"
> for me, which tells me that the connect() is succeeding.

      if(status == false) then
              socket:close()
              return true, VULNERABLE
      end

Try using "if not status" instead of "if status == false". The socket
operation could be returning nil.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
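
The difference between the two checks discussed in the message above, as an added example that is not part of the original post or of Nmap's code. `make_socket` is a hypothetical stub that only mimics a `(status, err)` return convention; the address, port and error strings are constructed sample values.

```lua
-- Added illustration: a stub socket, not the nmap library.
-- Each stub returns a fixed (status, err) pair from connect().
local function make_socket(status, err)
  return {
    connect = function(self, host, port) return status, err end,
    close = function(self) end,
  }
end

-- The check as written in the quoted script: matches only the boolean false.
local function failed_strict(status)
  return status == false
end

-- The check suggested in the reply: matches both false and nil,
-- because Lua treats exactly those two values as falsy.
local function failed_falsy(status)
  return not status
end

-- Constructed cases: one success and the two ways a call can signal failure.
local cases = {
  { name = "connected",     socket = make_socket(true) },
  { name = "returns false", socket = make_socket(false, "ERROR") },
  { name = "returns nil",   socket = make_socket(nil, "TIMEOUT") },
}

for _, c in ipairs(cases) do
  -- 192.0.2.10 is a documentation address; the stub ignores it.
  local status, err = c.socket:connect("192.0.2.10", 445)
  print(string.format("%-14s status=%-5s  '== false': %-5s  'not status': %s",
    c.name, tostring(status),
    tostring(failed_strict(status)),
    tostring(failed_falsy(status))))
  c.socket:close()
end
```

In the nil case `nil == false` evaluates to false in Lua, so the strict comparison skips the failure branch while `not status` takes it.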

