Shostack + Friends Blog Archive


0wned in 60 seconds

0:56 – A student system in Founders scanned victim on TCP port 445 (file sharing). Victim responded. Student system immediately closed connection and opened a new connection on victim port 445. Following LAN Manger protocol negotiation and MS/DCE RPC Bind, student system attacked victim with buffer overflow to exploit Microsoft LSASS vulnerability.

Less than 60 seconds from DHCP to buffer overflow. Read about it here.