This module exploits a vulnerability in mrxsmb.sys when it responses to the client with a malformed SMB packet.

This module exploits a remote vulnerability on the FIND_FIRTS2 SMB subcommand on the srv.sys driver. It could allow an attacker to connect to a shared folder and send a specially crafted SMB message to an affected system causing a denial of service.

This module sends a "SMB Browser Election" UDP packet to the "Active Directory" service running in the target. When the Windows kernel processes this crafted packet, the "bowser.sys" kernel module finishes calling to "memcpy" function with the length parameter of 4.294.967.295 bytes. After that, the "memcpy" function corrupts all the kernel heap and finish crashing the target kernel.

This module exploits a vulnerability on srv2.sys via a SMB negociation packet.

This module exploits a vulnerability in "schannel.dll" by sending a crafted certificate packet to the "Internet Information Services" server via TLS protocol producing a heap overflow in the critical LSASS Windows process.

This module sends a malformed NetBIOS packet which causes the execution of an infinite loop in the target system

This modules exploits a kernel vulnerability in Microsoft Remote Desktop server by sending a sequence of specially crafted RDP packets to the target system.

This module triggers a memory corruption vulnerability in the Remote Desktop Service by sending a malformed packet to the 3389/TCP port.

A denial of service vulnerability exists in the Windows kernel due to the manner in which the kernel processes the values of symbolic links. This module exploits the vulnerability, causing the system to become unresponsive and automatically restart.

This module exploits a vulnerability in "spoolsv.exe" answering a crafted packet to the target, upon success it will leave the service unavailable.