Back to search

Microsoft Windows 7 / Server 2008 R2 SMB Client Infinite Loop

This module exploits a denial of service flaw in the Microsoft Windows SMB client on Windows 7 and Windows Server 2008 R2. To trigger this bug, run this module as a service and forces a vulnerabile client to access the IP of this system as an SMB server. This can be accomplished by embedding a UNC path (\HOST\share\something) into a web page if the target is using Internet Explorer, or a Word document otherwise.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop

Authors

  • Laurent Gaffie <laurent.gaffie [at] gmail.com>
  • hdm <hdm [at] metasploit.com>

References

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop msf auxiliary(ms10_006_negotiate_response_loop) > show actions ...actions... msf auxiliary(ms10_006_negotiate_response_loop) > set ACTION <action-name> msf auxiliary(ms10_006_negotiate_response_loop) > show options ...show and set options... msf auxiliary(ms10_006_negotiate_response_loop) > run

Related Vulnerabilities