https://github.com/rapid7/metasploit-framework/pull/9473
NSA's tools for Windows from which WannaCry & Co. generated, got modified to work on every Windows version, from 2000 to 10.
Tags: #windows #security #exploit
NSA's tools for Windows from which WannaCry & Co. generated, got modified to work on every Windows version, from 2000 to 10.
Tags: #windows #security #exploit
GitHub
MS17-010 EternalSynergy / EternalRomance / EternalChampion aux+exploit modules · Pull Request #9473 · rapid7/metasploit-framework
MS17-010 Windows SMB Remote Command and Code Execution modules for all vulnerable targets Windows 2000 through 2016 (and of course the standard home/workstation counterparts).
auxiliary/admin/smb/...
auxiliary/admin/smb/...
https://nakedsecurity.sophos.com/2018/06/28/windows-10-security-can-be-bypassed-by-settings-page-weakness/
Perhaps Microsoft won't ever fix this because "it's not a bug, it's a feature". Through this, you can execute cmd and Powershell commands.
Tags: #windows #security
Perhaps Microsoft won't ever fix this because "it's not a bug, it's a feature". Through this, you can execute cmd and Powershell commands.
Tags: #windows #security
Naked Security
Windows 10 security can be bypassed by Settings page weakness
The file type used by Windows 10’s settings page can be used to trick Windows into running files it’s supposed to block.