Light

mygit2014aaa / esteemaudit-metasploit Goto Github PK

View Code? Open in Web Editor NEW

This project forked from mygit2014/esteemaudit-metasploit

0.0 1.0 0.0 2.78 MB

Porting for Metasploit of the infamous Esteemaudit RDP Exploit

Home Page: http://www.blackmath.it

Ruby 10.75% Python 89.25%

esteemaudit-metasploit's Introduction

Esteemaudit-Metasploit

This is a porting of the infamous Esteemaudit RDP Exploit leaked from Equationgroup (NSA). The vulnerability exploited by this attack is related to Smart Card authentication, used when logging onto the system via the RDP service. Systems affected are Windows Server 2003 SP1,SP2 and Windows XP SP0, SP1, SP3.

Dependencies:

dpkg --add-architecture i386
apt-get update && apt-get install wine32

How to do:

Copy the esteemaudit.rb on the right Metasploit folder (e.g. /usr/share/metasploit-framework/modules/exploits/windows/rdp/)
Copy only the content of "files" folder on /usr/share/esteemaudit/
wine /usr/share/esteemaudit/Esteemaudit-2.1.0.exe 2>0
(This is just to create Wine32 environment, skip it if you already have /root/.wine/drive_c/)

WE ARE NOT RESPONSIBLE OF ANY DAMAGES CAUSED BY THE USE OF THIS PORTING. IT WAS MADE FOR EDUCATIONAL PURPOSE AND TESTING ONLY!

Microsoft released a Patch

https://support.microsoft.com/en-us/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms

How to mitigate via GPO

Windows server 2003 and XP:

Run gpedit.msc
Go to Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Client/Server data redirection\
Set enable on "Do not allow Smart Card device redirection"
Restart the server.

www.blackmath.it | [email protected]

esteemaudit-metasploit's People

Contributors

Watchers

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.