Date: 06/02/18
Leaked NSA Exploits Work on All Microsoft Operating Systems Since Windows 2000
A security researcher has made three leaked NSA exploits work on all versions of Windows since Windows 2000. These exploits were leaked last year by The Shadow Brokers (TSB), the same group that leaked the notorious EternalBlue exploit, which was used to power the biggest online ransomware campaign this industry has seen so far.
The three exploits in question are EternalChampion, EternalRomance, and EternalSynergy, all of which were leaked by TSB in April last year. One security researcher has now worked on the source code to make all of these run on all Windows versions released in the last two decades for “the purposes of academic research and for the development of effective defensive techniques”.
The researcher behind this is Sean Dillon from RiskSense (@zerosum0x0 on Twitter). The effort uses the security vulnerabilities tracked as CVE-2017-0143 (EternalRomance, EternalSynergy) and CVE-2017-0146 (EternalChampion, EternalSynergy). While some might suggest Dillon has made it easier for attackers to use these exploits, the criminal community has been extensively using leaked NSA exploits for the past 8 months or so. Dillon has merged these exploits into the open-source penetration testing project, the Metasploit Framework.
Releasing his code on GitHub, Dillon added that “this module is highly reliable and preferred over EternalBlue where a Named Pipe is accessible for anonymous logins (generally, everything pre-Vista, and relatively common for domain computers in the wild).”
Instead of going for shellcode execution, it overwrites the SMB connection session structures to gain Admin/SYSTEM session. The MSF [Metasploit Framework] module is leaner (stripped down packet count/padding), checks extra named pipes, sprinkles randomness where possible, and has Metasploit’s psexec DCERPC implementation bolted onto it.
This isn’t the first time researchers have modified NSA exploits for research and pen-testing purposes. However, it’s probably the first time that nearly a decade’s worth of systems are vulnerable to these exploits. Dillon did include a disclaimer with his release saying that this is “purely for the purposes of academic research and for the development of effective defensive techniques, and is not intended to be used to attack systems except where explicitly authorized”.
©ictnews.az. All rights reserved.