:: Deepquest ::

ETERNALROMANCE exploits an SMB1 vulnerability in Microsoft Windows XP, 2003, Vista, 7, 8, 2008, and 2008 R2. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this […]

ETERNALSYNERGY is a remote code execution exploit for SMBv3. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this content. Consider this exploit hostile and unverified. For […]

EWOKFRENZY is an exploit for Lotus Domino versions 6 and 7. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this content. Consider this exploit hostile and […]

EXPLODINGCAN is an exploit for Microsoft IIS 6 that leverages WebDAV and works on 2003 only. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this content. […]

ZIPPYBEER is an authenticated Microsoft Domain Controller exploit. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this content. Consider this exploit hostile and unverified. For research […]

ETERNALBLUE is an SMBv1 remote unauthenticated zero day exploit that works on 2008 R2. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this content. Consider this […]

http://www.kdh.go.th/index4.html notified by ZoRRoKiN

context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/ decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation 750BTC: https://bit.surf:43110/theshadowbrokers.bit/page/windows/ if its up

http://phayabunlue.go.th/king.htm notified by RxR

This Metasploit module exploits an unauthenticated command injection in Alienvault USM/OSSIM versions 5.3.4 and 5.3.5. The vulnerability lies in an API function that does not check for authentication and then passes user input directly to a system call as root.