LAST WEEK

Last week's dump: github.com/x0rz/EQGRP

Last week's message: medium.com/@shadowbrokerss/dont-forget-your-base-867d304a94b1

For a little background, there's a hacking group called the Shadow Brokers who stole a shitload of the NSA's cyberweapons. They had them up for auction on the deepweb for a million bitcoins (~575 million USD). No one paid so they dumped some of the tools last weekend after Trump attacked Syria. The tools all exploited old vulnerabilities, as far back as 2003. They also released a message implying that they're ex-deep state and they're pissed Trump is becoming a globalist.

FAST FORWARD TO TODAY

Today's dump: github.com/x0rz/EQGRP_Lost_in_Translation

Today's message: steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

The Shadow Group released another dump, this time with some fucking juicy ass shit. Last week was old vulnerabilities, this week they dumped EIGHT NEW ZERO-DAY VULNS IN WINDOWS. That means anyone can download the tools and own any Windows machine connected to the Internet right now. Why isn't Sup Forums and /baph/ all over this shit? We could be hacking the ADL right now. Also, it was revealed that the NSA hacked into the SWIFT network and set up backdoors to monitor financial translations. The NSA knew about the theft of their tools 96 days ago, yet the vulns released today prove the NSA failed to tell Microsoft about the vulns and possible leaks, oops! Their message contained the word Kek and the password to the encrypted files was REEEEEEEEE, so I think it's obvious the Shadow Brokers are one of us. In fact, they may be here reading this right now.

I know you're all a bunch of tards who need hand-holding. Here's what we have in today's dump:

EASYBEE appears to be an MDaemon email server vulnerability

EASYPI is an IBM Lotus Notes exploit that gets detected as Stuxnet

EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 to 7.0.2

EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor

ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges

EDUCATEDSCHOLAR is a SMB exploit

EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003

EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino

ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client's side to send an email to other users

ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003

ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012

ETERNALBLUE is a SMBv2 exploit that also works on Windows 10, even if it wasn't designed to

ETERNALCHAMPION is a SMBv1 exploit

ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers

ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003

ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later

ETRE is an exploit for IMail 8.10 to 8.22

FUZZBUNCH is an exploit framework, similar to Metasploit, which was also part of the December-January "Windows Tools" Shadow Brokers auction

DOUBLEPULSAR is a RING-0 multi-version kernel mode payload, EquationGroup used this to scrape Oracle databases for SWIFT data

ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendors

JEEPFLEA_MARKET appears to be a tool for collecting data from several banks around the world

probably because people here have much to lose

Wasn't eternalblue shown not to work on 10 in the end?

No, it works. Microsoft put out a patch the next day but all the pirated Windows copies and people who don't update daily are still vulnerable

Well fug.

My Win7 desktop which I was fucking around with to avoid certain telemetry updates is gonna have to succumb then. There's no reason to run a fully patched Win7 over Win10.

It's over guys.

Man, I am really scared.
And by the description of these shits only Win98 is safe.
Thank god my current PC is cooked; once I fix it I am gonna install whatever Linux distro on all my PCs, I don't even want vidya.

i wouldn't worry, almost everyone else is also vulnerable, what's so special about you? ^)

That statement kinda consoles me and is kinda romantic, it's like you are saying, don't worry my love, if dying is in question we all will die together.

Glad it helps, but the real question here is what should be done with these tools

Test

apparently, it was already patched.
fortune.com/2017/04/15/microsoft-shadow-broker-nsa/

Still works for systems not updated or pirated copies

There was an item on Windows 95 called "NSA_KEY"
Bill Gates had to talk about it publicly because people threw a shit fit, but he denied all.

Yeah i have the key;

CrDj”(;Va.*NdlnzB9M?@K2)#>deB7mN

>That means anyone can download the tools and own any Windows machine connected to the Internet right now.

They said that last week as well, no one in the world got hacked.

fake and gay

>fake and gay

If you don't understand it fuck off faggot

>That means anyone can download the tools and own any Windows machine connected to the Internet right now.
Anyone who is running internet-facing samba shares. So basically everyone who isn't running a Windows server is perfectly fine.
Literally nothing, move on.

What if I download these and get trapped in the botnet when I start it?

>So basically everyone who isn't running a Windows server is perfectly fine.
>Literally nothing, move on.

That is a lie and you know it, are you by any chance an NSA agent lmao?

nice bruh 100 100

If you don't understand how these things work don't even bother to download it.

This is for people who know how to use this. (These are not .exe files or some shit, these are scripts for linux)

it's nothing

>That is a lie and you know it
That's my conclusion after reading the OP and first reply.
If you know something that implies otherwise then please tell.

What a great day for skids and sysadmins.

>skids
>literally NSA hack tools

Fucking wot

> ex-deep state
>globalist
I think you mean muslim and jew, OP

false flag 101: use their terms, not your own

They can be extremely powerful and developed by the NSA but their very simple point-and-shoot operation makes them extremely skid-friendly.

You need windows.
Install python 2.6
Install pywin 2.6
This is where I'm stuck now. PyWin fails but I know if I can get it installed I'll be able to run fb.py.

Can anyone help out?

See

My bad for not having used windows for years.

this

I wonder how long it will be before they drop some XTREME FreeBSD exploits and someone defaces Sup Forums.

patched a month ago you autists

technet.microsoft.com/en-us/library/security/ms17-010.aspx

how can I make money with this?

>SMB this
>SMB that

People seriously use file-sharing over networks?
Fucks wrong with you?
Get off your fat ass and put the movie on via USB port.

> USB in 2017
When's the last time you left your basement

A-are you guys serious? Can someone explain to me what this is all about?
I mean, I haven't updated my system in a while. Am I at risk just by being connected to the Internet? If so, what could happen?

Why aren't you updated? It doesn't hurt.

I killed my pirated Windows

I find it very odd that there is no way to verify the patch was actually installed.

Why didn't you get a legitimate copy from someone with a MSDN? Just ask on AB.

Well I do have a legit copy but I'm just too lazy to format. I guess I really should now.

To go to my front bedroom that faces a main road of a large town.
Wait, I don't have a basement. Where the fuck was I?

Notes: Add a basement next year.