EternalBlue

Description

(Check Point) The EternalBlue exploitation tool was leaked by “The Shadow Brokers” group on April 14, 2017, in their fifth leak, “Lost in Translation.” The leak included many exploitation tools like EternalBlue that are based on multiple vulnerabilities in the Windows implementation of SMB protocol.

EternalBlue works on all Windows versions prior to Windows 8. These versions contain an interprocess communication share (IPC$) that allows a null session. This means that the connection is established via anonymous login and null session is allowed by default. Null session allows the client to send different commands to the server.

Names

Name
EternalBlue

Type

0-day

Information

https://research.checkpoint.com/2017/eternalblue-everything-know/
https://cybernews.com/security/eternalblue-vulnerability-exploit-explained/

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:EternalBlue

Other Information

Uuid

cb1f1730-b938-44da-99ef-a15d7b16fee2

Last Card Change

2023-09-06

Threat Intelligence Garden

Explorer

EternalBlue

EternalBlue

Description

Names

Category

Type

Information

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks