1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Remember to post Questions related to Hacking only. If you have Question related to other Stuff you can post that in

Samba Flow sibling of eternalblue for linux

  1. Skyline Geek

    Skyline Geek Administrator Staff Member

    Messages:
    30
    Likes Received:
    16
    Trophy Points:
    118
    Joined
    Apr 11, 2017
    Same as eternalblue exploit for windows which lead in formation of Wanna cry ransomware. we are now getting a huge amount of complaint from Linux user about this samba flow exploit found in linux system which allows hacker to remotely access any linux system

    {$title}
    Samba is an open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to share network shared folders, files, and printers with Windows operating system.
    The newly discovered remote code execution vulnerability (CVE-2017-7494) affects all versions newer than Samba 3.5.0 that was released on March 1, 2010.

    Exploit Code Released! (Bonus: Metasploit Module)

    {$title}
    The flaw actually resided in the way Samba handled shared libraries. A remote attacker could use this Samba arbitrary module loading vulnerability to upload a shared library to a writable share and then cause the server to load and execute malicious code.

    The vulnerability is hell easy to exploit. Just one line of code is required to execute malicious code on the affected system.

    Code:
    simple.create_pipe("/path/to/target.so")


    However, the Samba exploit has already been ported to Metasploit, a penetration testing framework, enabling researchers as well as hackers to exploit this flaw easily.

    READ MORE...
     

Share This Page