Chinese “COVID-19” Hackers indicted after 11 year hacking spree

The text explains one of the tools from the “experimental” portion of the class, “MS06040Scanner”: 

The working principle of MS06040Scanner is to first obtain the operating system type and open ports through port scanning and operating system scanning. If it is a windows2000 system, TCP 139 or TCP 445 port is opened, and the returned data packet matches the definition in the vulnerability library. It means that the host may have MS06040 vulnerabilities, we can use MS06040 exploit programs to carry out remote overflow attacks on it

The second slide demonstrates the “X-Scan” tool which would be used to find vulnerabilities allowing data exfiltration.

The Attacks 

Source link

About coldfusion

Check Also

25 CVEs That NSA Want You to Patch Right Now

Tuesday, October 20th, wasn’t your usual Patch Tuesday announcement from Microsoft. Instead, this announcement came …

Leave a Reply

Your email address will not be published. Required fields are marked *