Leveraging Microsoft SMB protocol to create a new attack vector
SMB is arguably one of the most audited protocols as far as internal enterprise networks are concerned: it is part of virtually every corporation's internal network penetration test plan. Because it was first designed for NetBIOS, a protocol non routable over the Internet, there is a widespread assumption that attacks originating from the Internet are however not practical. This white paper will first aim at showing that it is in fact possible to carry out very similar attacks remotely from the Internet.
The Server Message Block (SMB) protocol is a network protocol allowing files and printers sharing over NetBIOS, TCP/IP and IPX/SPX. Initially designed by IBM in 1984, it is nowadays extremely common in corporate networks. The most common implementations are the predominant Microsoft SMB stack shipped with Windows, as well as the Open source Samba implementations (on Unix like computers).
White paper is available here - https://www.blackhat.com/docs/us-15/materials/us-15-Brossard-SMBv2-Sharing-More-Than-Just-Your-Files-wp.pdf