Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| fd0e473d89 |
@@ -1,4 +0,0 @@
|
|||||||
build
|
|
||||||
*.tmp*
|
|
||||||
*.bak*
|
|
||||||
*.~*
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
# Notes, Scratch, Prose
|
|
||||||
- while method doesnt re-activate eternalblue risks, it _does_ demonsterably re-enable smb1 as is demonstrated by [nmap scan](assets/nmap-vuln-scan-indicating-eternalbliue-not-exploitable.txt).
|
|
||||||
- next trick will be to dig deep and find out what else this method can enable
|
|
||||||
- maybe even leverage into exploitability :3
|
|
||||||
|
|
||||||

|
|
||||||
@@ -1,11 +1,3 @@
|
|||||||
# Welcome to the Sillyzone
|
|
||||||
## This branch is not intended for human consumption
|
|
||||||
## Only furries, freaks, transexuals, gays, horsefuckers, and other high-level malcontents are suited for this level of unhinged feral gremlin hacker shit
|
|
||||||
|
|
||||||
fuckit... lets ride this one and see where it takes us?
|
|
||||||
|
|
||||||
```
|
|
||||||
Um, ok microsoft...
|
Um, ok microsoft...
|
||||||
have fun patching this,
|
have fun patching this,
|
||||||
you patched EternalBlue before!
|
you patched EternalBlue before!
|
||||||
```
|
|
||||||
Binary file not shown.
|
Before Width: | Height: | Size: 279 KiB |
@@ -1,67 +0,0 @@
|
|||||||
nmap -sV -p139,445 --script smb-protocols,vuln,vulners 10.0.0.62
|
|
||||||
|
|
||||||
Starting Nmap 7.99 ( https://nmap.org ) at 2026-06-27 18:41 -0600
|
|
||||||
Stats: 0:01:19 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
|
|
||||||
NSE Timing: About 99.63% done; ETC: 18:42 (0:00:00 remaining)
|
|
||||||
Nmap scan report for 10.0.0.62
|
|
||||||
Host is up (0.00064s latency).
|
|
||||||
|
|
||||||
PORT STATE SERVICE VERSION
|
|
||||||
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
|
|
||||||
|_smb-enum-services: ERROR: Script execution failed (use -d to debug)
|
|
||||||
445/tcp open microsoft-ds Windows 10 Pro 26200 microsoft-ds (workgroup: WORKGROUP)
|
|
||||||
|_smb-enum-services: ERROR: Script execution failed (use -d to debug)
|
|
||||||
Service Info: Host: PRINCESSPI-DESK; OS: Windows; CPE: cpe:/o:microsoft:windows
|
|
||||||
|
|
||||||
Host script results:
|
|
||||||
| smb-protocols:
|
|
||||||
| dialects:
|
|
||||||
| NT LM 0.12 (SMBv1) [dangerous, but default]
|
|
||||||
| 2.0.2
|
|
||||||
| 2.1
|
|
||||||
| 3.0
|
|
||||||
| 3.0.2
|
|
||||||
|_ 3.1.1
|
|
||||||
|_smb-vuln-ms10-061: NT_STATUS_ACCESS_DENIED
|
|
||||||
| smb-brute:
|
|
||||||
| administrator:<blank> => Valid credentials, account disabled
|
|
||||||
|_ guest:<blank> => Valid credentials, account disabled
|
|
||||||
|_smb-print-text: false
|
|
||||||
|_samba-vuln-cve-2012-1182: NT_STATUS_ACCESS_DENIED
|
|
||||||
|_smb-vuln-ms10-054: false
|
|
||||||
| smb-security-mode:
|
|
||||||
| account_used: <blank>
|
|
||||||
| authentication_level: user
|
|
||||||
| challenge_response: supported
|
|
||||||
|_ message_signing: required
|
|
||||||
| smb-enum-shares:
|
|
||||||
| note: ERROR: Enumerating shares failed, guessing at common ones (NT_STATUS_ACCESS_DENIED)
|
|
||||||
| account_used: <blank>
|
|
||||||
| \\10.0.0.62\ADMIN$:
|
|
||||||
| warning: Couldn't get details for share: NT_STATUS_ACCESS_DENIED
|
|
||||||
| Anonymous access: <none>
|
|
||||||
| \\10.0.0.62\C$:
|
|
||||||
| warning: Couldn't get details for share: NT_STATUS_ACCESS_DENIED
|
|
||||||
| Anonymous access: <none>
|
|
||||||
| \\10.0.0.62\D$:
|
|
||||||
| warning: Couldn't get details for share: NT_STATUS_ACCESS_DENIED
|
|
||||||
| Anonymous access: <none>
|
|
||||||
| \\10.0.0.62\E$:
|
|
||||||
| warning: Couldn't get details for share: NT_STATUS_ACCESS_DENIED
|
|
||||||
| Anonymous access: <none>
|
|
||||||
| \\10.0.0.62\IPC$:
|
|
||||||
| warning: Couldn't get details for share: NT_STATUS_ACCESS_DENIED
|
|
||||||
|_ Anonymous access: READ
|
|
||||||
|_smb-flood: ERROR: Script execution failed (use -d to debug)
|
|
||||||
| smb-os-discovery:
|
|
||||||
| OS: Windows 10 Pro 26200 (Windows 10 Pro 6.3)
|
|
||||||
| OS CPE: cpe:/o:microsoft:windows_10::-
|
|
||||||
| Computer name: PrincessPi-Desk
|
|
||||||
| NetBIOS computer name: PRINCESSPI-DESK\x00
|
|
||||||
| Workgroup: WORKGROUP\x00
|
|
||||||
|_ System time: 2026-06-27T18:42:59-06:00
|
|
||||||
| smb-mbenum:
|
|
||||||
|_ ERROR: Call to Browser Service failed with status = 2184
|
|
||||||
|
|
||||||
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
|
|
||||||
Nmap done: 1 IP address (1 host up) scanned in 96.15 seconds
|
|
||||||
@@ -1,9 +0,0 @@
|
|||||||
# NJL'S SMB1-Fucker
|
|
||||||
1. gcc for win downloaded from here https://sourceforge.net/projects/gcc-win64/
|
|
||||||
2. extracted to downdoots via 7zip
|
|
||||||
3. ran test-mingw64.bat
|
|
||||||
1. built a bunch of exes ig
|
|
||||||
4. copied weapon.c to gcc bs dir
|
|
||||||
5. `bin/gcc.exe weapon.c` compiles to `a.exe` which is da active exploit
|
|
||||||
6. running `a.exe` quickly spams some shit and reboots box, preboot text indicating installation of a new feature
|
|
||||||
7. did it not ask for uac? am i crazy? todo: test
|
|
||||||
@@ -0,0 +1 @@
|
|||||||
|
1158:125448026831605967330517929926021379900742474559822027810537560954668500787256453746512201630169945111003285635859757144355263521538019355650534816223655257248290448491515238892332861344763769404333940272424650039965451396955193288378066429779085949660696010079412595210494217295725784123807573993411637197734937862576239641208729406597386007962357278997699055075688568590516131163923641694072526851822154821453830421642286247509538769335374738365664092085466391697489470233661017683760683116292502262490558705131255876582516951974329713941992808860037117748006949330407195743876257929974743495453868595244716002242891077690658682905967950017487922750568316611902458924945561680041243305409802158644638562923695663059326331627906754201135324012854039964695222082405671368125502675825753419332511485721872291382121093417690466353574753541695060880127209134264874803845505984968471219916314670005093979004373150333945605789166049625107267000544571617967456926316678974036279834041402270782084981083805348195765053412056040620666644834146427079141710354418088362582892691964494453880766467801057596745216642190965648321970276492723682374869210468987808146508827489003490035972122000429166046726651398451542414489357331636706036803168549637622047743910065271458393239517812995524196809602916481552281322419136418644804260634587396255318207514813974559106934649887082955984487286337427159870057909876557435476090804833284852809958350406372705400929473889162124109363715905496602553618716394835956844231657778895060698089226796541947710973970539999367676808441239360296244268802593158817111713975047594511627915938606342918286715688674064712470485154339305948429652752616605582946914188169630158292470405360436520355225805139537169099948610680178485510856241286888921098864562498347219007619079413255152608009256294311488180447611386109667755792660993348869435935271077581703305984016581683945607598570668343589618718919874622431386130673338268974642049829131871204284609747830267468532897292385382095958504732509979026755304785369455573419283992964131698063099787847923601701231367883846567608345226116860125118389948519707438554387064883304761443595485117430010017115360899914473954728239645724178713199794197738398793176904967957580642734402241955055017314401642949552664541919161398556333799538557820238698830837444272436240880064380994444342663495844399058420582980863299193318422124700038902434779794341192382876481547843572454696314854913509256507306386389224158357080076361720802823984668917553955913017641053064911555535973537657107669600972053416996122286790444373950066807309215203403101950692281772147607693911107185248518492430414296166854958293218222469723142945404444969795587336103572920462777693305479783119882324718318734646241607713224231337859778258295703845356146125543937316381205540064209587
|
||||||
Reference in New Issue
Block a user