WannaCry detection #103
OS / ENVIRONMENT
Hello, are you thinking about a modification for WannaCry and SambaCry (CVE-2017-7494) detection? It is described here https://www.honeynet.org/node/1353 and the changes are in this repository https://github.com/gento/dionaea/commits/master - the last three commits.
Hey @phibos, thanks for the merges about the SMB patches!
By the way, we can test the SMB patches with:
Dionaea should be able to store the payloads from these 2 modules. Again, thanks for the good work!
@phibos, I observed files failing to save due to a missing key - 'downloads' - on line 665 of smb.py:
If replaced with the following:
Along with replacing occurrences of 'dir' with 'download_dir', files are saved into the standard 'binaries' directory (or whatever the user has configured in their dionaea.conf).
Am still seeing a lot of occurrences of: 'SMB dionaea/smb/smb.py:112-critical: === SMB did not get enough data' in my log however... but that could well be standard background noise.