SMBRelay information

SMBRelay and SMBRelay2 are computer programs that can be used to carry out SMB man-in-the-middle (mitm) attacks on Windows machines. They were written by Sir Dystic of Cult of the Dead Cow (cDc) and released March 21, 2001 at the @lantacon convention in Atlanta, Georgia. More than seven years after its release, Microsoft released a patch that fixed the hole exploited by SMBRelay.^[1]^[2] This fix only fixes the vulnerability when the SMB is reflected back to the client. If it is forwarded to another host, the vulnerability can be still exploited.^[3]^[4]

^ "Microsoft Security Bulletin MS08-068." Microsoft Security Bulletin, November 11, 2008. Retrieved November 12, 2008.
^ Fontana, John. "Microsoft patch closes 7-year-old OS hole, expert says Archived 2012-04-02 at the Wayback Machine." Network World, November 12, 2008. Retrieved November 12, 2008.
^ ""NTLM is Dead" (PDF). Archived from the original (PDF) on 2012-10-18.", Kurt Grutzmacher - Defcon 16
^ ""Archived copy" (PDF). Archived from the original (PDF) on 2011-11-26. Retrieved 2012-01-26.{{cite web}}: CS1 maint: archived copy as title (link)." Security Bugs in Protocols are Really Bad!

[1] "Microsoft Security Bulletin MS08-068." Microsoft Security Bulletin, November 11, 2008. Retrieved November 12, 2008.

[2] Fontana, John. "Microsoft patch closes 7-year-old OS hole, expert says Archived 2012-04-02 at the Wayback Machine." Network World, November 12, 2008. Retrieved November 12, 2008.

[3] ""NTLM is Dead" (PDF). Archived from the original (PDF) on 2012-10-18.", Kurt Grutzmacher - Defcon 16

[4] ""Archived copy" (PDF). Archived from the original (PDF) on 2011-11-26. Retrieved 2012-01-26.{{cite web}}: CS1 maint: archived copy as title (link)." Security Bugs in Protocols are Really Bad!

SMBRelay information

and 4 Related for: SMBRelay information

SMBRelay

Cult of the Dead Cow

Sir Dystic

Pass the hash