MoviesDB


CVE - We're Here To Stay / Welcome To The West

Channel: NombaWon & Total View: 13103


Tags:
afterlife, recordz, hip, hop, ellay, khule, kid, kudi, kanye, common, 2009, nga, fsh, ridd, busdriver


Add Date: August 3, 2009, 10:22 pm & Duration: 00:08:17


Likes: 106 | Dislike: 5


chillin villain empire

"We're Here To Stay" by (in order) NgaFsh, Riddlore & Busdriver

"Welcome To The West" by Wreccless, Riddlore, Tray Loc & NgaFsh

NEVER HEARD OF ME?/ RIDDLORE? CVE

Channel: riddlorecve & Total View: 11189


Tags:
No Video Tags


Add Date: June 24, 2013, 9:48 pm & Duration: 00:03:59


Likes: 149 | Dislike: 3


New Music Video Directed, Produced, And Edited By: RIDDLORE? CVE

C.V.E. - Declassified - Full Metal Jacket

Channel: LYDGANGBERLIN713 & Total View: 15865


Tags:
CVE, Declassified, Full, Metal, Jacket


Add Date: January 3, 2012, 10:28 am & Duration: 00:03:45


Likes: 167 | Dislike: 8


CVE - HAZERDOUS MATERIAL

Channel: MrHateme2 & Total View: 9034


Tags:
CVE, CHILLIN, VILLAIN, EMPIRE, PROJECT, BLOWED, GOOD, LIFE, RIDDLORE?, NGA, FSH, EBOW, NUVETHAD, WRECCLESS


Add Date: January 17, 2011, 7:24 am & Duration: 00:05:12


Likes: 74 | Dislike: 1


ALBUM: NOT LIKE THOSE - BUY THIS ALBUM, DEFINITELY WILL GET YOUR MONEYS WORTH. CHILLIN VILLAIN EMPIRE!!!

EsteemAudit CVE-2017-9073 Windows RDP Exploit

Channel: Anwar Bigfat & Total View: 11268


Tags:
RDP Exploit, RDP, Remote Desktop, Esteemaudit, esteemaudit, CVE-2017-9073, shadow brokers, nsa, pentest, hack, hacking, hacker, wannacry, eternalblue, doublepulsar, eternalblue doublepulsar, 0day, 0day exploit


Add Date: June 9, 2017, 2:32 pm & Duration: 00:04:36


Likes: 57 | Dislike: 1


Another tool released by Shadow Brokers is “EsteemAudit”, which exploits CVE-2017-9073, a vulnerability in the Windows Remote Desktop system on Windows XP and Windows Server 2003. Both versions of this operating system are no longer supported by Microsoft (XP ended in 2014, Server 2003 in 2015) and as such Microsoft has not released a patch for the vulnerability.

Esteemaudit Metasploit Module :
http://github.com/BlackMathIT/Esteemaudit-Metasploit

More analysis :
http://researchcenter.paloaltonetworks.com/2017/05/unit42-dissection-esteemaudit-windows-remote-desktop-exploit/

Exploiting CVE-2016-4655 - Create Your Own iOS Jailbreak [Part 1] | Kernel Info-leak & KASLR Defeat

Channel: Billy Ellis & Total View: 6639


Tags:
ios, jailbreak, exploit, trident, pegasus, cve-2016-4655, info leak, kaslr, aslr, bypass, defeat, rop, kernel, 32-bit, cydia, patch, iokit, programming, xcode, theos, tutorial, how to


Add Date: January 8, 2018, 5:00 am & Duration: 00:12:46


Likes: 259 | Dislike: 5


If you enjoyed this video, please leave a LIKE as this did take a lot of time to put together!

jndok's writeup - http://jndok.github.io
s1guza's writeup - http://siguza.github.io/cl0ver/

Download iOS IPSW files - http://ipsw.me/#!/download
iOS firmware decryption keys - http://www.theiphonewiki.com/wiki/Firmware_Keys/8.x

Download IOKit headers - http://github.com/benjamin-42/Trident/tree/master/Headers/IOKit

Thanks for watching!

∎∎∎My Social Media∎∎∎

Twitter - http://bit.ly/2rA593q

Website - http://bit.ly/2sDHJiB

Exploiting CVE-2018-0802: Microsoft Office Memory Corruption Vulnerability | Lucideus Research

Channel: Lucideus & Total View: 5760


Tags:
CVE-2018-0802, exploiting, hack, poc, demo, microsoft, office, vulnerability, new, how to


Add Date: February 8, 2018, 1:22 am & Duration: 00:04:43


Likes: 69 | Dislike: 2


A new Zero-Day Vulnerability was found on 8th January 2018 in the Microsoft Office Software, which is a Remote Code Execution in which Microsoft Office fails to properly handle objects in Memory. This Vulnerability is stated as Microsoft Office Memory Corruption Vulnerability. The Vulnerability can be exploited as Remote Code Execution by tricking or forcing the victim to open a specially crafted malicious Doc (Word file) in MS Office or WordPad. The name of this Vulnerability is similar to CVE-2018-0797 and CVE-2018-0812 but is different from them. For more, visit: lucideustech.blogspot.in

SMBv2 RCE vulnerability (CVE-2009-3103)

Channel: Arridae Infosec & Total View: 863


Tags:
#SMBv2 #RCE, MS09-050, vulnerability (CVE-2009-3103)


Add Date: May 29, 2018, 2:36 am & Duration: 00:04:06


Likes: 2 | Dislike: 0


For more videos...keep coming back to our channel.
Official Rights: Arridae Infosec Pvt Ltd
Website: www.arridae.com

using Nessus, CVE and Metasploit to gain a shell

Channel: Chuck Moore & Total View: 4317


Tags:
Nessus, Metaploit, CVE, Linux, Chuck Moore, Mal3k, netapi, SMB, hacking


Add Date: January 29, 2017, 12:56 pm & Duration: 00:35:04


Likes: 32 | Dislike: 1


Use Nessus to perform a vulnerability scan, and use Metasploit to search the database for a known exploit, and use that exploit against the target machine

CVE-2017-11882 Exploit Microsoft office | Remote Code Execution

Channel: TI Basics & Total View: 2735


Tags:
No Video Tags


Add Date: December 3, 2017, 2:24 am & Duration: 00:06:00


Likes: 18 | Dislike: 1


Exploit Microsoft office Remote Code Execution (CVE-2017-11882)

►Exploit: http://github.com/Ridter/CVE-2017-11882

►VBScript: http://github.com/STP5940/Exploit.html

►FB Group: http://web.facebook.com/groups/439237486232585

Microsoft Office 2016 ✔
Microsoft Office 2013 Service Pack 1 ✔
Microsoft Office 2010 Service Pack 2 ✔
Microsoft Office 2007 ✔

Just by opening a Microsoft Word file, your machine could be taken over. The vulnerability that hackers use in this attack has the vulnerability ID CVE-2017-11882, and it lets a hacker run various commands on the victim's machine.

How to protect yourself
Update Microsoft Office to the latest version
Update Windows to the latest version
Install antivirus software...

CVE - PRESSURE

Channel: MrHateme2 & Total View: 2139


Tags:
CVE, RIDDLORE?, NGAFSH, PROJECT, BLOWED, AFTERLIFE, THE, GOOD, LIFE, LEGION


Add Date: November 2, 2010, 12:26 am & Duration: 00:03:58


Likes: 20 | Dislike: 1


got this from: http://blownuppmusic.blogspot.com

Libssh - Authentication Bypass - CVE-2018-10933

Channel: HackerSploit & Total View: 14181


Tags:
libssh, ssh, hacking, exploit, libssh vulnerability, libssh2, libssh authentication bypass exploit, libssh exploit, CVE-2018-10933, cybersecurity, vulnerability, authentication, ssh hack, ssh hacking, ssh hacking kali linux, ssh hacking tutorial, ssh hack linux, ssh hack password


Add Date: October 29, 2018, 7:14 am & Duration: 00:09:53


Likes: 445 | Dislike: 20


Hey guys! HackerSploit here back again with another video, in this video, I will be demonstrating how to exploit the Libssh authentication bypass vulnerability.

Links:
http://github.com/hackerhouse-opensource/cve-2018-10933


I Hope you enjoy/enjoyed the video.
If you have any questions or suggestions feel free to ask them in the comments section or on my social networks.


NGA FSH feat RIDDLORE? - WESTSIDE CVE

Channel: MrHateme2 & Total View: 7398


Tags:
NGA, FSH, AFTERLIFE, CVE, CHILLIN, VILLAIN, EMPIRE, CHU, RIDDLORE?, GOOD, LIFE, PROJECT, BLOWED, HIP, HOP


Add Date: November 10, 2010, 12:38 am & Duration: 00:03:56


Likes: 55 | Dislike: 2


ALBUM: UNSTABLE PART 2

CVE - Masta

Channel: BeRliNGSTAR & Total View: 5739


Tags:
CVE, Masta, Fasta


Add Date: November 24, 2008, 1:48 pm & Duration: 00:03:55


Likes: 29 | Dislike: 1


Enjoy!!

Technical Analysis of a Word Zero Day - CVE-2017-0262 / CVE-2015-2545

Channel: Colin Hardy & Total View: 15472


Tags:
zero day, malware, reverse engineering, cve-2017-0262, cve-2015-2545, word, exploit, dropper, eps, image1.eps, turla, apt28, behavioural analysis, x64dbg, 7a5d5e20


Add Date: August 18, 2017, 1:03 pm & Duration: 00:13:59


Likes: 576 | Dislike: 2


Here I demonstrate to you how to analyse a Zero Day (now patched!) in Word which exploits an EPS vulnerability referenced in CVE-2017-0262 / CVE-2015-2545.

This vulnerability allows an attacker to embed a malicious .eps file, used as part of the Word doc, which executes upon opening the Word doc without any further interaction from the user.

Here, the shellcode drops a malicious executable to disk which I then show you how to analyse using X64DBG in order to extract key indicators for the purpose of protecting your environment.

Hope you like, please subscribe to my channel and follow me on Twitter http://twitter.com/cybercdh

Script to xor:
http://pastebin.com/ci0S2eL7

Sample:
MD5: 0c718531890dc54ad68ee33ed349b839

Technical Write Ups:
http://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
http://community.rsa.com/community/products/netwitness/blog/2017/08/17/russian-bank-offices-hit-with-broad-phishing-wave
http://community.rsa.com/community/products/netwitness/blog

Avast and vulnerability detections on ISP boxes and routers (CVE 2017 14491)

Channel: MaK MaK & Total View: 1648


Tags:
router, vulnerability, box


Add Date: May 23, 2018, 3:24 am & Duration: 00:07:33


Likes: 28 | Dislike: 3


A quick video explaining the CVE-2017-14491 detections made by Avast! Wifi-Inspector.
You will find the explanations on this page: http://www.malekal.com/avast-wifi-inspector-vulnerabilites-routeur-box-cve-2017-14491/

and, more generally, on securing your router: http://www.malekal.com/comment-securiser-son-routeur/

CVE - walk thru

Channel: Philipp Lemburg & Total View: 5055


Tags:
CVE, walk, thru


Add Date: December 10, 2009, 1:28 pm & Duration: 00:03:02


Likes: 51 | Dislike: 0


Microsoft Windows .NET Framework RCE Attack | Exploit CVE-2017-8759 | Kali Linux 2017.2

Channel: The Shadow Brokers & Total View: 4662


Tags:
shadow brokers, CVE-2017-8759, RCE, Exploit, .NET RCE, WSDL Parser Code Injection, Hacking Windows, Office, Exploit CVE-2017-8759, CVE-2017-8759 exploit, kali linux, kali linux 2017, cve 2017, cve 2017 8759, rce exploit, kali root, kali hack, kali linux tutorial, 0day, metasploit, windows, linux, microsoft, klai linux, rtf, payload kali linux, exploit cve 2017, word exploit, CVE-2017-8759 RCE Kali Linux, rce kali linux, net framework, exploit rce, micro soft, free


Add Date: November 13, 2017, 10:06 pm & Duration: 00:04:19


Likes: 100 | Dislike: 6


Hi everyone,
in this video I am going to show the Exploit toolkit CVE-2017-8759.

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

Disclaimer

This program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (bhdresh) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using this program you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not bhdresh's responsibility.

Release note:

Introduced following capabilities to the script

- Generate Malicious RTF file
- Exploitation mode for...

CVE - Declassified - Stay on Phat (HQ)

Channel: 7undreissig & Total View: 3308


Tags:
CVE, classified, stay, phat, nga, fsh, rifleman, afterlife, recordz, project, blowed


Add Date: August 7, 2010, 5:12 pm & Duration: 00:03:19


Likes: 28 | Dislike: 0


Label: "Afterlife Recordz", Album: "Declassified", Title: "Stay on Phat", Year: 1998

CVE - Avoid Hurt Maim Murder

Channel: tehCoast & Total View: 1754


Tags:
CVE, chillin villian empire, hip, hop, kclan, Afterlife recordz, NGA fsh, RIDDLore, Rifleman, Pterrodacto


Add Date: January 6, 2011, 4:15 pm & Duration: 00:09:40


Likes: 29 | Dislike: 2


CVE another super classic

Aceyalone, Spoon Iodine, C.V.E - Jurassick

Channel: grenaDyN & Total View: 6634


Tags:
Aceyelone, Spoon, Iodine, C.V.E, project, blowed, jurassick, hip, hop


Add Date: November 15, 2010, 1:25 am & Duration: 00:03:46


Likes: 78 | Dislike: 3


Album : Project blowed (1995)

CVE-2017-11882 - 3 ways to perform technical analysis, 1 easy way to protect

Channel: Colin Hardy & Total View: 6891


Tags:
cve-2017-11882, exploit, malware, reverse engineering, rtf, gootkit, process monitor, sysinternals, burpsuite, remnux, gflags, x64dbg, equation editor, eqnedt32.exe, eqnedt


Add Date: December 29, 2017, 6:24 am & Duration: 00:16:08


Likes: 293 | Dislike: 2


Here I show you technical analysis of a fascinating exploit CVE-2017-11882 which takes advantage of a buffer overflow vulnerability in Microsoft Office Equation Editor (EQNEDT32.exe).

I demonstrate how to quickly analyse this exploit from a behavioural point of view, show you how to run rtfdump.py to extract the malicious object and also how to attach the victim process to a debugger so you can see for yourself the buffer being overflowed.

Malicious Doc File:
insurance-2017-2018.doc
MD5: 080b3a6dc6ddf645f6c156e1561eb0b8

Tools Used:
Process Monitor: http://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Burp Suite : http://portswigger.net/burp
REMNux: http://remnux.org/
RTFdump: http://blog.didierstevens.com/2016/08/02/rtfdump-update-and-videos/
gflags.exe: http://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags
x64dbg: x64dbg.com

Recommended Reading:
http://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about/
http://researchcenter.paloaltonetworks.com/2017/12/unit42-analysis-of-cve-2017-11882-exploit-in-the-wild/

Patching:
You should definitely update your Office environment. In the interim you can apply the...

CVE - 'unicycle' with the hip hop kclan

Channel: NombaWon & Total View: 13227


Tags:
cve, hip-hop, rap, hip, hop, kclan, ellay, khule, nga, fish, pterradacto, riddlore, unrelease, project, blowed


Add Date: January 18, 2009, 10:08 pm & Duration: 00:03:24


Likes: 108 | Dislike: 1


Track 10 off of cve's unreleased 99-00,
'Unicycle' by the hip hop kclan's ellay khule also known as the rifleman & pterradacto, and cve chillin villain empire nga fish & riddlore.

Omid - What Up (feat. CVE, 2Mex, P.E.A.C.E., Sesquipedalien & Longevity)

Channel: Alpha Pup & Total View: 16438


Tags:
Omid, What, feat, CVE, 2Mex, Sesquipedalien


Add Date: January 25, 2011, 5:12 pm & Duration: 00:05:07


Likes: 156 | Dislike: 3


Omid "What Up (feat. CVE, 2Mex, P.E.A.C.E., Sesquipedalien & Longevity)" from the album 'Beneath the Surface' on Beneath the Surface Music
Learn more at http://alphapuprecords.com/

CVE - Calistylics

Channel: NombaWon & Total View: 22452


Tags:
rap, hip-hop, mic, check, aceyalone, strech, calistylics, unreleased, nga, fsh, riddlore


Add Date: February 8, 2009, 8:33 pm & Duration: 00:02:21


Likes: 143 | Dislike: 2


calistylics by chillin villain empire
ngafsh

► Office Word Vulnerability CVE-2017-0199 | HEL

Channel: Hacking Ético León & Total View: 9363


Tags:
CVE-2017-0199: Office Word vulnerability, CVE-2017-0199 office word vulnerability, office zero day vulnerability, word zero day vulnerability, hacking etico leon


Add Date: April 21, 2017, 6:32 pm & Duration: 00:14:45


Likes: 368 | Dislike: 8


CVE-2017-0199: Office Word Vulnerability is a vulnerability that affects all versions of Office; it lets us execute arbitrary code and thereby establish a connection with metasploit

http://securityonline.info/2017/04/20/cve-2017-0199-microsoft-office-word-rtf-rce-vulnerabilitycve-2017-0199-metasploit/

[All my videos are made for educational purposes; any misuse you make of them is your own responsibility]

Facebook page ► http://www.facebook.com/hackingeticoleon/
Create and Camouflage a Payload with Veil Evasion
► http://www.youtube.com/edit?o=U&video_id=QpWDYNpHq4M
Install Veil Evasion 3.0 on Kali Linux ► http://www.youtube.com/watch?v=HLK3T9CGee4&t=25s
Customize the Terminal ► http://www.youtube.com/edit?o=U&video_id=mVwIjJFAjmg

C.V.E. - C.V vault

Channel: NombaWon & Total View: 28685


Tags:
declaration, independent, afterlife, recordz, cve, c.v.e, empire, chills, ville, real, chillen, chillin, like, villain


Add Date: February 4, 2009, 8:29 pm & Duration: 00:02:58


Likes: 202 | Dislike: 15


cve vault
fsh, ridd & wrecc

PoC CVE-2017-1182 Kali Linux 2017

Channel: Gamex Now & Total View: 4464


Tags:
cve 2017 1182, cve-2017-11882, cve, kali linux, kali linux 2017, kali root, CVE-2017-1182 kali linux, cve 2017, CVE-2017-1182 kali linux 2017.2, CVE-2017-1182 microsoft office, kali linux CVE-2017-1182, microsoft office, linux, linux kali, operating system, office, cve 2017 office, 2017, 11882, cve 2017 11882 linux, cve-2017-1182 kali linux 2017, 2017-11882, CVE-2017-1182 Kali Linux 2017, linux distro, microsoft


Add Date: November 23, 2017, 6:55 am & Duration: 00:05:06


Likes: 134 | Dislike: 2


CVE 2017 1182 Kali Linux 2017

http://securityonline.info/office-memory-corruption/
http://www.youtube.com/watch?v=LNFG0lktXQI
Microsoft Office 2016 ✔
Microsoft Office 2013 Service Pack 1 ✔
Microsoft Office 2010 Service Pack 2 ✔
Microsoft Office 2007 ✔

kali root

[CVE-2017-0143 - MS17-010] - EternalBlue SMB Remote Windows Exploitation

Channel: Th1k404 & Total View: 6747


Tags:
hacking, exploit, tech, geek, online tools, technology, bugs, security, pentest, penetration test, linux, kali linux, learning, share, how to, help, fixed, solution, network., exploit windows os, smb exploit, smb vulnerable, windows 7 vulnerability, windows 7 exploit, windows 7 0day, smb vulnerability, smb exploit 2018


Add Date: September 22, 2017, 7:04 am & Duration: 00:08:23


Likes: 53 | Dislike: 5


Today I will perform a penetration test on Windows 7 Service Pack 3 with the SMB vulnerability.

## MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption

This module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv!SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with mathematical error where a DWORD is subtracted into a WORD.

The kernel pool is groomed so that overflow is well laid-out to overwrite an SMBv1 buffer. Actual RIP hijack is later completed in srvnet!SrvNetWskReceiveComplete. This exploit, like the original may not trigger 100% of the time, and should be run continuously until triggered.

It seems like the pool will get hot streaks and need a cool down period before the shells rain in again. The module will attempt to use Anonymous login, by default, to authenticate to perform the exploit. If the user supplies credentials in the SMBUser,SMBPass, and SMBDomain options it will use those instead. On some systems, this module may cause system instability and crashes, such as a BSOD or a reboot. This may be more likely with some payloads.

## Module Name

cve mixtepe 07

Channel: riddlorecve & Total View: 8460


Tags:
New, Project


Add Date: August 23, 2012, 6:08 am & Duration: 01:09:12


Likes: 93 | Dislike: 8


cve mixtape 2007. mixed by dj handprints. www.cvbeats.com