关联漏洞
标题:
Microsoft Windows SMB 输入验证错误漏洞
(CVE-2017-0143)
描述:Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。SMBv1 server是其中的一个服务器协议组件。 Microsoft Windows中的SMBv1服务器存在远程代码执行漏洞。远程攻击者可借助特制的数据包利用该漏洞执行任意代码。以下版本受到影响:Microsoft Windows Vista SP2,Windows Server 2008 SP2和R2 SP1,Windows 7 SP1,Windows 8.1,Windows Server 2012 Gold
描述
This is a security assessment report regarding the EthernalBlue vulnerability (CVE-2017-0143).
介绍
# EthernalBlue Report
## What is it?
This is an exploit developed by the NSA, stolen by hacker group, primarily known for being used in ransomware attacks, such as WannaCry or NotPetya...
## Why did you make this report?
I've been asked to do this report on the Tryhackme EthernalBlue room, but without using Metasploit, the primary purpose of this room.
## More information?
If you want to learn more about EthernalBlue, you can check these resources:
[Wikipedia](https://en.wikipedia.org/wiki/EternalBlue)
[Microsoft](https://learn.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010)
[Youtube - Cybernews](https://youtu.be/3-MSlNVqzYY?si=7s0nKptCkBu04-i_)
[Youtube - The TWS Channel](https://youtu.be/PKHH_gvJ_hA?si=zbpC7VvHbXu2pRr-)
[Youtube - Micode](https://youtu.be/nIRDzPnJAro?si=I1NJsHUotSEurbWo)
文件快照
[4.0K] /data/pocs/995a1bb0f83d249fad35cdd54c37978f55a5ae8b
├── [ 834] README.md
└── [1.2M] Report_MARTZ_Cedric.pdf
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。