labs
labs copied to clipboard
Published
20 hours ago •
nixawk
nixawk
[Links] MS17-010
References
- https://zerosum0x0.blogspot.jp/2017/04/doublepulsar-initial-smb-backdoor-ring.html
- https://zerosum0x0.blogspot.jp/2017/06/eternalblue-exploit-analysis-and-port.html
- https://risksense.com/_api/filesystem/468/EternalBlue_RiskSense-Exploit-Analysis-and-Port-to-Microsoft-Windows-10_v1_2.pdf
- https://www.exploit-db.com/docs/42329.pdf
- https://github.com/worawit/MS17-010
- https://www.exploit-db.com/exploits/42315/
- https://github.com/omri9741/cve-2017-7494/
- https://github.com/CoreSecurity/impacket
- https://github.com/CoreSecurity/impacket/blob/master/impacket/dcerpc/v5/epm.py
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/pipe_dcerpc_auditor.rb
- https://msdn.microsoft.com/en-us//library/cc738291(v=ws.10).aspx
- http://www.ampliasecurity.com/research/NTLMWeakNonce-bh2010-usa-ampliasecurity.pdf
- https://www.coresecurity.com/corelabs-research/publications/new-smb-and-dcerpc-features-impacket-v0960
- http://www.rubydoc.info/github/rapid7/metasploit-framework/Msf/Exploit/Remote/DCERPC
- https://en.wikipedia.org/wiki/DCE/RPC
- https://technet.microsoft.com/en-us/library/cc759499.aspx
