
Underground - Windows SMB Relay Exploit

August 5th, 2008 by Patchy
In this Underground video, Overide demonstrates how to obtain root access on a fully patched Windows XP SP3 machine. He exploits a flaw in Windows Server Message Block (SMB), the protocol used to provide shared access to files between hosts on a network. Overide uses the Metasploit Framework to run the exploit. It works by relaying an SMB authentication request to another host, which gives Metasploit an authenticated SMB session; if the user is an administrator, Metasploit can execute code on the target computer, such as a reverse shell. For the exploit to run, the target computer must try to authenticate to Metasploit. Overide forces the target computer to perform an SMB authentication attempt by using an Ettercap filter.

Full Scale Video Here
Download Here
Download Ettercap Filter Here

For more information on the Metasploit Framework and Ettercap Filters check out Video Archive - Exploit Hacking, Underground - Metasploit Autopwn, and Episode 20 - Ettercap.
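
The forced authentication step relies on the browser being handed content that points at a file share (the comments below mention `\\smb\\image.jpg` style references), so a proxy or page-integrity check can flag such references. The following is an added example, not code from the video or from Overide's filter: a Python scan of HTML for UNC and remote `file:` references. The sample page, host names and the `allowed_hosts` parameter are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Attributes a browser fetches on page load, without any click.
AUTO_FETCH = {"src", "background", "data", "poster"}
URL_ATTRS = AUTO_FETCH | {"href"}
UNC = re.compile(r"^\\\\([^\\/]+)[\\/]")  # \\host\share...

def smb_host(value):
    """Return the remote host a reference points at over a file share, else None."""
    v = value.strip()
    m = UNC.match(v)
    if m:
        return m.group(1)
    if v.lower().startswith("file:"):
        rest = v[5:].replace("\\", "/")
        slashes = len(rest) - len(rest.lstrip("/"))
        host = rest.lstrip("/").split("/", 1)[0]
        # file://host/ and file:////host/ are remote; file:///C:/ is a local path.
        if (slashes == 2 or slashes >= 4) and host.lower() not in ("", "localhost"):
            return host
    return None

class ShareRefFinder(HTMLParser):
    def __init__(self, allowed_hosts=()):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []  # (line, tag, attribute, host, loads_automatically)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            host = smb_host(value) if value and name in URL_ATTRS else None
            if host and host.lower() not in self.allowed:
                auto = name in AUTO_FETCH or (tag == "link" and name == "href")
                self.findings.append((self.getpos()[0], tag, name, host, auto))

def scan(html, allowed_hosts=()):
    finder = ShareRefFinder(allowed_hosts)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page (documentation address and example host names).
SAMPLE = r"""<html><body>
<img src="\\192.0.2.10\share\image.jpg">
<a href="file://fileserver.example/docs/readme.txt">docs</a>
<img src="file:///C:/Users/Public/pic.jpg">
<script src="//cdn.example/lib.js"></script>
</body></html>"""
```

Calling `scan(SAMPLE, allowed_hosts=["fileserver.example"])` reports only the auto-loading image that points at an unexpected host; the local `file:///` path and the protocol-relative script URL are not flagged.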

If you would like to submit a video to Infinity Exists Underground, send an email describing your video to underground@infinityexists.com


13 Responses

  1. Copy Says:

    great video, loved this exploit ever since i saw it in the “Tactical Exploitation” seminar at defcon

    just note that if your victim is using firefox, firefox is set not to load a local file share, especially \\smb\\image.jpg shares

  2. CrashOverron Says:

    really liked the video m8, not usually one for using metasploit but was still a good video =]]

  3. overide Says:

    you can make this exploit work with firefox you just have to change the code a little bit.
    Internet Explorer

    Older versions of firefox

    new firefox

  4. Copy Says:

    lol sorry, I missed the part where you explained the different codes in the video ._.
    my bad

  5. excid3 Says:

    great video! i also liked the background music…made it seem a little more professional! :D

  6. overide Says:

    No problem Copy i sent Patchy the code so hopefully he can post it for everyone, and thanks for the positive feedback everyone.

  7. randrex Says:

    nice video…hopefully patchy post the code up…..

  8. Patchy Says:

    I did already

  9. T3d Says:

    Just wondering, What songs are playing in the background?

  10. overide Says:

    T3d, it's Tears Don't Fall by Bullet For My Valentine

  11. randrex Says:

    hey patchy.. can you tell me where you posted the code…. thanks…

  12. Patchy Says:

    http://infinityexists.com/downloads/SMB%20Relay%20Filters.filter

  13. randrex Says:

    would this exploit work with a firewall on & if it works with vista… thanks
