Publica tus comentarios, quejas, sugerencias, anécdotas o lo quieras decir al concho o a la comunidad universitaria enviándolo vía e-mail a la dirección que aparece aquí arriba, es decir:

comunidaduc.corcholibre@blogger.com



jueves, 16 de abril de 2020

Pcap Of Wannacry Spreading Using EthernalBlue

Saw that a lot of people were looking for a pcap with WannaCry spreading Using EthernalBlue.

I have put together a little "petri dish" test environment and started looking for a sample that has the exploit. Some samples out there simply do not have the exploit code, and even tough they will encrypt the files locally, sometimes the mounted shares too, they would not spread.

Luckily, I have found this nice blog post from McAfee Labs: https://securingtomorrow.mcafee.com/mcafee-labs/analysis-wannacry-ransomware/ with the reference to the sample SHA256: 24d004a104d4d54034dbcffc2a4b19a11f39008a575aa614ea04703480b1022c (they keep referring to samples with MD5, which is still a very-very bad practice, but the hash is MD5: DB349B97C37D22F5EA1D1841E3C89EB4)

Once I got the sample from the VxStream Sandbox site, dropped it in the test environment, and monitored it with Security Onion. I was super happy to see it spreading, despite the fact that for the first run my Windows 7 x64 VM went to BSOD as the EthernalBlue exploit failed.

But the second run was a full success, all my Windows 7 VMs got infected. Brad was so kind and made a guest blog post at one of my favorite sites, www.malware-traffic-analysis.net so you can find the pcap, description of the test environment and some screenshots here: http://malware-traffic-analysis.net/2017/05/18/index2.html

Related articles


  1. Hacker Techniques Tools And Incident Handling
  2. Best Hacking Tools 2020
  3. Computer Hacker
  4. Hacking Tools For Beginners
  5. Hacking Tools And Software
  6. Hacking Tools
  7. Hacker Tools
  8. Hack Tools Download
  9. Pentest Tools Review
  10. Pentest Tools Website
  11. Termux Hacking Tools 2019
  12. Pentest Tools Tcp Port Scanner
  13. Hacking Tools Software
  14. Pentest Tools Find Subdomains
  15. Nsa Hack Tools Download
  16. Hack Tools 2019
  17. Hacking Tools For Pc
  18. What Are Hacking Tools
  19. Hacking Tools Software
  20. Bluetooth Hacking Tools Kali
  21. Hack Tools
  22. Hacking Tools For Games
  23. Hack Tools For Pc
  24. Pentest Tools Apk
  25. Hack Website Online Tool

No hay comentarios: