RiskSense-Ops/MS17-010

MS17-010

As all of our research is now in the Metasploit master repository, there was no reason to confuse everyone by keeping this repository open: there were two versions of everything, and due to overwhelming popularity, support became a nightmare, as this is merely a side project. Please do not open support issues here, as they will not be answered.

Those searching for the scanners:

Those searching for EternalBlue:

This version disproved the robustness of most existing IDS rules (at the time). Those looking to write IDS rules should look at the final SMB1 Trans2 packet. These contain fixed offsets; however, it may be possible to use other addresses. Even so, the hole in which those offsets lie must always be laid out in a similar manner. There are also numerous other patterns, such as several SMB2 groom requests with null headers and shellcode, as well as the "free hole" session setups.
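For rule authors, the following added example (not code from this repository or from Metasploit) walks a reassembled client-to-server TCP/445 stream and returns the offset of the final SMB1 Trans2 message and of any SMB2 message whose header is null after the protocol magic. The function names, the treatment of Trans2 Secondary as part of Trans2, and the reading of "null headers" as all-zero header bytes are assumptions; the fixed offsets mentioned above are not given on this page and are not reproduced.

```python
SMB1_MAGIC, SMB2_MAGIC = b"\xffSMB", b"\xfeSMB"
TRANS2, TRANS2_SECONDARY = 0x32, 0x33   # SMB_COM_TRANSACTION2 and its _SECONDARY
SMB2_HEADER_LEN = 64

def split_messages(stream):
    """Yield (offset, message) per direct-TCP SMB frame: 0x00 + 24-bit length."""
    pos = 0
    while pos + 4 <= len(stream):
        length = int.from_bytes(stream[pos + 1:pos + 4], "big")
        yield pos, stream[pos + 4:pos + 4 + length]
        pos += 4 + length

def triage(stream):
    """Locate the final SMB1 Trans2 message and any null-header SMB2 messages."""
    final_trans2, null_smb2 = None, []
    for offset, msg in split_messages(stream):
        if msg[:4] == SMB1_MAGIC and len(msg) > 4:
            # Assumption: Trans2 Secondary fragments count as part of Trans2.
            if msg[4] in (TRANS2, TRANS2_SECONDARY):
                final_trans2 = offset
        elif msg[:4] == SMB2_MAGIC and len(msg) >= SMB2_HEADER_LEN:
            # Assumption: "null header" = every header byte after the magic is 0.
            if not any(msg[4:SMB2_HEADER_LEN]):
                null_smb2.append(offset)
    return {"final_trans2": final_trans2, "null_smb2": null_smb2}

# Constructed sample stream (header-only messages, no real payloads).
def frame(msg):
    return b"\x00" + len(msg).to_bytes(3, "big") + msg

def smb1(command):
    return SMB1_MAGIC + bytes([command]) + bytes(27)   # 32-byte SMB1 header

SMB2_NORMAL = SMB2_MAGIC + (64).to_bytes(2, "little") + bytes(58)
SMB2_NULL = SMB2_MAGIC + bytes(60)
SAMPLE = b"".join(frame(m) for m in (
    smb1(0x72), smb1(TRANS2), SMB2_NORMAL, SMB2_NULL,
    smb1(TRANS2_SECONDARY), SMB2_NULL))

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The returned offsets point an analyst at the messages worth inspecting by hand; they are a triage aid, not a signature.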

Windows kernel shellcode will be in Metasploit, and will be submitted to exploit-db, when the x86 version is completed.

About

MS17-010 Research
