Britec Tech Support Forum

Britec Tech Support Forum > Technical Support > Networking > How Eternal Blue works
Full Version: How Eternal Blue works
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Filip's World

05-29-2018, 06:31 PM
Is here anyone which know how NSA Eternal Blue exploit works and can explain that to me?

I know thet exploit somehow tricks SMB protocol to get access to write data on other computer on the network.
How does that works? Huh

Compton

05-29-2018, 10:46 PM
https://en.wikipedia.org/wiki/EternalBlue#Responsibility


infection
EternalRocks first installs Tor, a private network that conceals Internet activity, to access its hidden servers. After a brief 24 hour "incubation period",[21] the server then responds to the malware request by downloading and self-replicating on the "host" machine.

The malware even names itself WannaCry to avoid detection from security researchers. Unlike WannaCry, EternalRocks does not possess a kill switch and is not ransomware.
Britec Tech Support Forum > Technical Support > Networking > How Eternal Blue works