AK
На скорую руку у меня ни по цискам, ни по фортигейтам не вышло заюзать. Надо опытный девайс физически найти для экспериментов.
А что проверял по цискам? Оба эксплоита?
Size: a a a
2016 August 16
CM
The requirements for the ExtraBacon exploit are that you have SNMP read access to the firewall, as well as access to either telnet or SSH. The ASA must be running 8.x, up to 8.4(4), and is said to have the possibility to crash the firewall if something goes wrong.
AK
В ExtraBacon есть путь до папки логов
def_opts = {'OutputDir': 'D:\\DSZOPSDisk\\logs',
# dispatcher will scavenge files deeper than specified path
# for the foreseeable future expect root of path to be D:\DSZOPSDisk
by default we will try D:\DSZOPSDisk\logs and if that fails try cwd
DSZOPS не референс ли на конкретную операцию
def_opts = {'OutputDir': 'D:\\DSZOPSDisk\\logs',
# dispatcher will scavenge files deeper than specified path
# for the foreseeable future expect root of path to be D:\DSZOPSDisk
by default we will try D:\DSZOPSDisk\logs and if that fails try cwd
DSZOPS не референс ли на конкретную операцию
M
'' hackerfantastic NOPEN is their backdoor/RAT tool (noserver and noclient). The exploit eventually installs it on the target.
Use port 32754 and banner "\n\nError: Must authenticate before using this service.\r\n" ''
Use port 32754 and banner "\n\nError: Must authenticate before using this service.\r\n" ''
M
This affirmation is based on what?
AK
Firewall/BLATSTING/BLATSTING_20322/opinstructions/install.txt:
NO! bnf-fw02:/root/NOPEN>-tunnel
[10-17-08 16:24:05 GMT][localhost:33794 -> bnf-fw02.3.3.3.3:32754]
-> Port 33794 in shodan.io:
http://pastebin.com/70ByiSVz
-> filter by known software banner.
nmap os fingerprint reported that some ip addresses from pastbin used Juniper firewall
NO! bnf-fw02:/root/NOPEN>-tunnel
[10-17-08 16:24:05 GMT][localhost:33794 -> bnf-fw02.3.3.3.3:32754]
-> Port 33794 in shodan.io:
http://pastebin.com/70ByiSVz
-> filter by known software banner.
nmap os fingerprint reported that some ip addresses from pastbin used Juniper firewall
b
V(
зиродей в циске аса
A
@GossiTheDog: The Fortinet exploit in #EquationGroup works. Really simple thing they exploited. Needs web mgmt access.
NK
Ку))
NK
Получилось циску натянуть?))
NK
Работает у кого то?)