Collaborate Disseminate
I’m trying to gain shell access to my home router/gateway, so I decided to use metasploit and nmap to find if there were any vulnerabilities that I could use:
[marcel@GLaDOS ~]$ sudo nmap -sS -Pn -A 192.168.2.1
Starting Nmap 7.50 ( https… Continue reading Metasploit DCERPC BindError
SAM database normally holds LM and NTLM hashes of local computer. Recently we applied configurations for disabling NTLMv1 usage in enterprise network . After that we mitigated LM hash usage on SMB and other communications. M… Continue reading Changing Structure of SAM database to disable LM usage
Chipotle and OneLogin suffer breaches, Windows XP Too Unstable To Spread WannaCry, Patches Available for Linux Sudo Vulnerability, Cisco, Netgear Readying Patches For Samba Vulnerability, oAuth nightmares, Attack and Defense, Jay Beale style, Decoding … Continue reading OneLogin Woes, Shadow Brokers Identity, oAuth Nightmares – Paul’s Security Weekly #516
Mike Mimoso and Chris Brook discuss the news of the week, including the ShadowBrokers crowdfunding attempt, errors in WannaCry, a new Wikileaks dump, last week’s Samba vulnerability, and the OneLogin breach.
Cisco is prepping fixes for two of its products affected by last week’s Samba vulnerability. Netgear has also pushed out a fix for NAS devices that were affected. Continue reading Cisco, Netgear Readying Patches for Samba Vulnerability
The Chet Chat is back! Join us for the latest episode of our popular security podcast. Continue reading What do you mean, ‘Windows bug in Linux’? [Chet Chat Podcast 261]
SMB is the Windows networking protocol, so SMB security holes like the one that led to WannaCry can’t happen on Linux/Unix, right? Wrong! Continue reading Samba exploit – not quite WannaCry for Linux, but patch anyway!
According to media reports, an attacker can
upload a library to a Samba share and then
open a named pipe whose name equals the local path to the uploaded library
to remotely execute the code contained in the library.
How… Continue reading How does the CVE-2017-7494 "SambaCry" exploit work?
I do understand that basically all Versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability.
And there is even PoC Code to check if a specific server is vulnerable by myself.
But I do not u… Continue reading What makes me vulnerable to CVE-2017-7494?
My servers are Ubuntu. I want to know whether Samba is installed accidentally or not. Is the following command correct?
It seems that Samba isn’t installed.
$ samba –version
The program ‘samba’ is currently not installed. … Continue reading CVE-2017-7494 Samba remote call. How do I know if Samba is running or not on my Ubuntu server?