Chinese “COVID-19” Hackers indicted after 11 year hacking spree

The text explains one of the tools from the “experimental” portion of the class, “MS06040Scanner”: 

The working principle of MS06040Scanner is to first obtain the operating system type and open ports through port scanning and operating system scanning. If it is a windows2000 system, TCP 139 or TCP 445 port is opened, and the returned data packet matches the definition in the vulnerability library. It means that the host may have MS06040 vulnerabilities, we can use MS06040 exploit programs to carry out remote overflow attacks on it

The second slide demonstrates the “X-Scan” tool which would be used to find vulnerabilities allowing data exfiltration.

The Attacks 

Source link

About coldfusion

Check Also

Riverhead green-lights EPCAL drag racing events for 2022

Drag racing at the Calverton Enterprise Park got a green light for 2022 from the …

Leave a Reply

Your email address will not be published. Required fields are marked *