
sambaXP 2021: Reverse engineering the Windows SMB server

The Windows SMB server doesn’t offer any way to dump the cryptographic keys used for SMB encryption. This can be very annoying when you’re trying to debug your client implementation or if you simply want to decrypt traffic in Wireshark. The server is sadly closed-source and is implemented as a kernel module, which makes debugging it more challenging.

This talk from Aurélien Aptel (SUSE / Samba Team) covers some of the architecture of the Windows SMB server, how to debug the Windows kernel, and how we can write another module to dump those keys from the server memory. All from the perspective of a Linux developer relatively new to the world of Windows development.

Slides: https://sambaxp.org/fileadmin/user_upload/sambaxp2021-slides/Aptel_Reverse_engineering_the_windows_SMB_server.pdf

Visit the conference website at https://sambaxp.org

source by SAMBA
