routersploit icon indicating copy to clipboard operation
routersploit copied to clipboard
verified publisher icon threat9

Add exploits from Equation group leak

Open MumbaiHH opened this issue 9 years ago • 5 comments

i was curious to if you would add the exploits from the Equation group leak?

:)

MumbaiHH avatar Nov 24 '16 00:11 MumbaiHH

Can you provide some link to these exploits/more info about it ? :-) Which ones would you like to be implemented ?

0BuRner avatar Nov 24 '16 11:11 0BuRner

https://github.com/adamcaudill/EquationGroupLeak is the repos clone

https://github.com/adamcaudill/EquationGroupLeak/tree/master/Firewall/EXPLOITS/EXBA

the exploit "extrabacon" targets Cisco ASA firewalls (routers blah) it allows us to disable authentication and SSH freely into the router :D.

https://github.com/adamcaudill/EquationGroupLeak/tree/master/Firewall/EXPLOITS/EGBL

targets fortigate firewalls, unsure what it does yet, havent really looked too well at the source

to name a few :) but others are there for you to look and add!

MumbaiHH avatar Nov 24 '16 18:11 MumbaiHH

Ye, we definitely need these exploits. They are quite complicated and its hard to implement them without possessing vulnerable devices.

lucyoa avatar Nov 29 '16 18:11 lucyoa

Ah. Unfortunately I can't provide. Is there not a way to virtualize these routers? OR so at least I heard you could?

MumbaiHH avatar Dec 02 '16 18:12 MumbaiHH

We might virtualize these routers with QEMU or and helper tool like firmadyne. But for that we need at least the firewall/router firmware. Here are some listed in the exploitable list : http://public.myswsrv.de/Cisco/Firewall/ASA/System/8.x/8.4.x/ But it's a huge and hard work to

0BuRner avatar Dec 02 '16 18:12 0BuRner