About 15 years ago during Windows 95 era, there were a lot of “winnukes” which can cause Windows to blue screen. Microsoft did release patches to fix those bugs but during that time Internet was still very new and not many people know that there are updates to fix those problems. There was no Windows Update to scan what your system needed to update. Then came Windows 98 and most of the winnukes were patched. However I still remembered that a team called X-Coders has came up with IGMP nukes which can also crashes Windows 98.
Finally XP came and it is considered to be one of the most stable Windows that Microsoft ever released! As stable as it is, hackers still able to find flaw in their system. That time there was another nuker called SMBDie which crashes Windows XP computers by sending a specially crafted SMB request.
It definitely worked because I was pretty much “abusing” it with my childish teenager mindset. I didn’t crash just anyone but only to a particular guy who was downloading a lot with Limewire and hogging the Internet connection until none of the housemates can use the Internet. If I am not wrong, that bug was patched in SP1.
Just when we thought the latest Windows Vista and 7 is safe, Laurent Gaffié discovered an exploit that can cause a remote computer to get a bluescreen of death and released a proof of concept on 9th September. I only got to know about it few days ago because on the day the exploit was released, I was busy packing my bags and getting ready for my honeymoon.
I found 2 compiled version of the exploit and this is how it looks like. This one has an interface for you to enter the victim’s IP address and clicking the OK button will send a specially crafted packet to the remote computer.
The second one is command line application. Just enter the IP address after the program to launch the attack.
I’ve tried to attack my own computer running Windows Vista SP1 and the computer shows a blue screen and auto rebooted. When Windows is booted up, I got a notification window that says “Window has recovered from an unexpected shutdown” with the problem event name “BlueScreen”.
The good news is Windows Firewall is able to block this attack. Thank God that all Windows Firewall is turned on by default or else a lot of people will get nuked by another wave of SMBDie. Looks like Windows Firewall is not so useless after all… Windows XP and 2000 are NOT affected as they don’t have the SMB2.0 driver. You can also update your Windows to be patched from this exploit. If you take a look at this video, Immunity Inc has made a working exploit of SMBv2 that can run commands on the remote system!
Hello, anyone wanna help a girl out?
I am pretty well versed in computers, but i need a complete geek.
I need to find a way to constantly and remotely crash someones PC. Especially if they try to get on facebook or myspace. I don’t wanna destroy their PC, just crash it or give it the bsod. This has to be remotely administered without the person knowing. Please someone help me.
Please send me a code and or directions on how to do this (as well on how to undo it) to Go2Area51@gmail.com
Any other Dirty Nuke Tools do u know man?
Nerd Deity.
Great work.
Thanks, for give me everyday great information.
Would love a License for this product please as I have hundreds of travel photos which I would like to email to friends.
please tell about the port from where i can get it…………….
an other reason to respect XP !
thanks Raymond
Windows 7 launch party is tomorrow! plus there will be free 1 yr subscriptions for panda and kaspersky internet security suites on that day if you register on their websites, which is on Oct 22.
perl script and standalone exe here
illmob.org/2009/09/vistawin7-smb2-nuke/
illmob.org/smb2nuke.pl
illmob.org/smb2nuke.exe
if you get metasploit you can remotely own someone who is flawed with one of their modules
need kaspersky internet security 2010(9.0.0.463) activation code plssssssssssssssssssssssssssssssssssss
need kaspersky internet security 2010 activation code plsssss……………….
“You can also update your Windows to be patched from this exploit”
did microsoft release an update to fix this exploit?
Ha ha ha, the netbus daizz lool,
this xploit patched
hacker just love windows, windows just like a field for hacker to play football, who can score he the winner. who can hack the os, he the great.
because windows always get this problem at first, apple learn from windows mistake and fix the problem on their machines, that why they have stable os.
ummm… die come back…
were can i download
SMB2 NPR remote BSOD tool
nice article raymond………………………………..
hehehe i remember those days. i usually nuke rude people during my mIRC days. nuking and mail bombing ahh memories :D
You can download smbdie.exe on dereenigne.com/
Thank you raymond!
How to download it?
nice information.
THANX… for this information.. ray
This tool can crash Windows, obviously antivirus will flag this tool as trojan/threat.
Great article.. Thanks man.. :)
So it means SMBv2 doesn’t work with Win XP, well
and what about other firewall ???
You are the best man Raymond.
This tools includes trojans, be careful
ra….com/files/127888061/Imcan6.23.zip
Nice tool Raymond !!!But u didnt tell where to download This tool…
I really like your blog and i respect your work. I’ll be a frequent visitor.