"Eternal Blues" Tool Tests Computers Against NSA's ETERNALBLUE Exploit

Discussion in '0-day Release' started by RGiskardR, Jul 1, 2017.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member


    Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit.

    Erez released his tool on Wednesday, a day after the NotPetya ransomware caused damages to thousands of computers across the globe.

    Just like WannaCry did in last month's outbreak, NotPetya also used ETERNALBLUE as a means to spread from one computer to the next.

    In hacking and cyber-security circles, ETERNALBLUE is considered one of the most potent exploits ever seen. A testament to its efficiency and ability to create virulent threats stand the two ransomware outbreaks that took place just two months after its release.

    Under the hood, ETERNALBLUE leverages a vulnerability (CVE-2017-0144) in the SMBv1 file sharing protocol. Windows computers — where SMBv1 comes enabled by default — mishandles specially crafted SMB packets and allows an attacker to execute arbitrary code on the user's computer.

    Full source: https://www.bleepingcomputer.com/ne...s-computers-against-nsas-eternalblue-exploit/
    wwd, Trim, LowcyGier and 1 other person like this.
  2. Google Adsense

Share This Page