NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000

Discussion in 'other security issues & news' started by itman, Feb 5, 2018.

  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
    Strap on your seatbelts ................
    https://www.bleepingcomputer.com/ne...windows-versions-released-since-windows-2000/
     
  2. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,342
    Location:
    Europe, UE citizen
    Since many years there were the suspect and the convincement that USA security agencies had some kind of backdoor in Windows OS.....
     
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,501
    Yup. Not surprised at all by this.
     
  4. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,999
    Location:
    Member state of European Union
  5. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Good that we know about this. Too bad for the Windows XP users ?
     
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
  7. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,501
  8. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,334
    Location:
    Italy
  9. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    Golly... Another reason for only ever browsing on a 'nix VM.
     
  10. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,999
    Location:
    Member state of European Union
    Can you elaborate more? Or post link to some resource about hardening Windows authentication over network mechanisms. I am not connected to any Windows Domain. My laptop is just alone. Does this NBNS/NTLMv2 behavior is also present on Windows OSes in my configuration? I don't know anything about NTLMv2 and other Microsoft network authorization protocols. I just know basics of TCP/IP and UDP protocols.
     
  11. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Weird, it all comes down to any single word in the address bar in Chrome.

    That Twitter thread had a link with more context about the single word address bar purpose.
    Link: https://productforums.google.com/forum/#!topic/chrome/hl0Knv7p4-4

    Although it is an older thread, it explains the single word search term issue more.
     
  12. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
    Here's a link to the POC on GitHub here: https://github.com/rapid7/metasploit-framework/pull/9473. On that web page is ref. to earlier like work described here: https://github.com/worawit/MS17-010.

    Although not a lot of low level detail exists, my understanding is these are exploiting the SMB protocol itself and are not directly related to SMBv1 and port 445 usage employed by EternalBlue.
     
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,334
    Location:
    Italy
    For my pc that only has the SMB1 protocol it does not make a difference.:)
    Concerns to you.
    ;)
     
  14. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
    http://www.securityweek.com/nsa-linked-hacking-tools-ported-metasploit
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.