This hacking tools leak belonging to the Equation Group includes particularly interesting Windows 0-day exploits, implant tools and backdoors used in the widespread exploitation (DoublePulsar), and other 1-day exploits. This widespread exploitation prompted me to release this blog post that I have been mulling for a while.Īs part of the Equation Group’s hacking tools stash, leaked last week by The Shadow Brokers group, this is the latest installment of several leaks featuring network devices vulnerabilities and exploits, Linux and Unix vulnerabilities, and exploits. User can add checks for custom named pipes.According to the The Register’s article, last week we started assisting to the widespread exploitation of The Shadow Brokers’ leaked Windows exploits, compromising thousands of vulnerable hosts over the Internet. NAMEDPIPETOUCH Utility to test for a predefined list of named pipes, mostly AV detection. IISTOUCH check if the running IIS version is vulnerableĭOPU used to connect to machines exploited by ETERNALCHAMPIONS SMBTOUCH check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCEĮRRATICGOPHERTOUCH Check if the target is running some RPC PASSFREELY utility which “Bypasses authentication for Oracle servers” ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendorsĮAGERLEVER NBT/SMB exploit for Windows NT4.0, 2000, XP SP1 & SP2, 2003 SP1 & Base Release Metapackages, containers with custom scripts within!ĮARLYSHOVEL RedHat 7.0 – 7.1 Sendmail 8.11.x exploitĮBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86.ĮCHOWRECKER remote Samba 3.0.x Linux exploit.ĮASYBEE appears to be an MDaemon email server vulnerabilityĮASYFUN EasyFun 2.2.0 Exploit for WDaemon / IIS MDaemon/WorldClient pre 9.5.6ĮASYPI is an IBM Lotus Notes exploit that gets detected as StuxnetĮWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 & 7.0.2ĮXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoorĮTERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges (MS17-010)ĮDUCATEDSCHOLAR is a SMB exploit (MS09-050)ĮMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 (MS10-061)ĮMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino 6.6.4 to 8.5.2ĮNGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client’s side to send an email to other usersĮPICHERO 0-day exploit (RCE) for Avaya Call ServerĮRRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003ĮTERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 SP0 (MS17-010)ĮTERNALBLUE is a SMBv2 exploit for Windows 7 SP1 (MS17-010)ĮSKIMOROLL is a Kerberos exploit targeting 2000, 2003, 20 R2 domain controllersĮSTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003ĮCLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later (MS08-067)ĮTRE is an exploit for IMail 8.10 to 8.22ĮTCETERABLUE is an exploit for IMail 7.04 to 8.05įUZZBUNCH is an exploit framework, similar to MetaSploit Offers the stability of a windows system and it offers the hacking part with a Cerberus Linux system! You can run both and it just Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |