Attacking Windows Platform with EternalBlue Exploit via Android Phones | MS17-010

Image
Introduction On 14 April 2017, a hacker group know by the name of Shadow Brokers leaked exploitation toolkit used by the National Security Agency (NSA). The leak was also used as part of a worldwide WannaCry ransomware attack. EternalBlue is also an exploit developed and used by the NSA according to former NSA employees. Lab Environment Target Machine: Windows 7 Ultimate x64 bit Attacker Machine: Android 5.1  What is EternalBlue EternalBlue actually exploits a vulnerability found in Server Message Block (SMB) protocol of Microsoft Windows various platforms. This vulnerability can be found under CVE-2017-0144 in the CVE catalog.The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. Windows 7 Operating with Release Effected by EternalBlue Installing Metasploit Framework on Android Step 1: Download Termux from play store....
Post a Comment

Introduction To Reverse engineering

REVERse Engineering

In this blog we are just understanding what is Reverse Engineering we Do the practical of this also.


 Reverse Engineering is the Combination of Two Entities :- 
 1.   Reverse
     2.  Engineering
  
    Reverse Engineering is ALSO know as the Back Engineering.
     
     Reverse Engineering is Also very important in crime Prevention.

     By this we learn how to crack the trial Software into the paid one.
   
   Lets understand the term Reverse Engineering
    
    Engineering -- The goal of the Engineering is to develop or build something. In software Development we have to deal with variables , loops , constructors , destructors , Switch statements and so on.


   Reverse Engineering -- Is a process in which we try to reverse the development process and try to understand the already developed things in pieces. In reverse Engineering we have to deal with registers , Flip flops , EIP(Instruction pointer) , ESP(Stack Pointer) and high path combination.


   For more About Reverse Engineering you can go through Wikipedia..


    For doing this we Require :-
    
   -> Ollydbg Tool
    
    ->Window Xp any service pack
    
   -> Assembly language knowledge (not required much so if you dont have then still its ok)

   -> Target Application

   In Next Blog we will do the Practical of Reverse Engineering!!!!!!!!!!!!!!!

Comments

Post a Comment

Popular posts from this blog

Practical of XSS cross site attack

Image
XSS (CROSS SITE SCRIPTING) It is a attack to the websites in this attacker attack the website from the client side. Basically attacker enter malicious code/script/payload in the website from the user end. Concept of this attack is already told in my previous post XSS cross site scripting Now lets come to the practical ones  For do this attack we First need a  SEarch box in the website  So Now see the Practical of Xss  Site Where I performed this Attack  Target Site:-   glbitm.org Now we Enter the script/payload/code to check whether the site is vulnerable or not. Entering the script <Script>alert (“welcome to glbajaj”)</script> If the site is vulnerable then the site pop the message welcome to glbajaj, if not then it will not pop up any message Let’s see:-  See the site Pop the message means the site is vulnerable to cross site scripting Now let’s check the same with ano...
Read more

Self-driving Cars Can be hacked by just putting stickers on street signs

Self-driving Cars Can be hacked by just putting stickers on street signs :-- Car Hacking is a hot topic, though it's not new for researchers to hack cars. Previously they had demonstrated how to hijack a car remotely, how to  disables cars   crucial functions like airbags, and even how to steal cars. But the latest car hacking trick doesn't require any extra ordinary skills to accomplished. All it takes is a simple sticker onto a sign board to confuse any self-driving car and cause accident. Isn't this so dangerous? A team of researchers from the University of Washington demonstrated how anyone could print stickers off at home and put them on a few road signs to convince "most" autonomous cars into misidentifying road signs and cause accidents. According to the researchers, image recognition system used by most autonomous cars fails to read road sign boards if they are altered by placing stickers or posters over part or the whole road sign b...
Read more

New Features Of WhatsApp Comming Soon!

New Features Of WhatsApp Coming  Soon! 1. YouTube Video Directly play In WhatsApp The new feature of WhatsApp to let users view YouTube videos inside  WhatsApp messenger without the  leave  app or open YouTube app. The iOS beta  version  of WhatsApp had added a feature of YouTube integration. The feature is not  currently available in an Android version, but we believe that WhatsApp will soon  come out the feature for Android. 2. Edit ‘sent’ Message This is the very important update for WhatsApp user because many users fill problem with this that he can not change the message when he press enter or send. But after this feature users can change the sent message before the message get read. 3. Money Transaction In India, after demonetization in  2016, the people are struggling for cash because the  people are not aware about the online transaction. Now lots of people use paytm o...
Read more