Showing 1–1 of 1 results for author: Repkin, V

Creating a vulnerable node based on the vulnerability MS17-010

Authors: Aleksey Novokhrestov, Anton Kalyakin, Aleksandr Kovalenko, Vladimir Repkin

Abstract: The creation of a vulnerable node has been demonstrated through the analysis and implementation of the MS17-010 (CVE-2017-0144) vulnerability, affecting the SMBv1 protocol on various Windows operating systems. The principle and methodology of exploiting the vulnerability are described, with a formalized representation of the exploitation in the form of a Meta Attack Language (MAL) graph. Additiona… ▽ More The creation of a vulnerable node has been demonstrated through the analysis and implementation of the MS17-010 (CVE-2017-0144) vulnerability, affecting the SMBv1 protocol on various Windows operating systems. The principle and methodology of exploiting the vulnerability are described, with a formalized representation of the exploitation in the form of a Meta Attack Language (MAL) graph. Additionally, the attacker's implementation is outlined as the execution of an automated script in Python using the Metasploit Framework. Basic security measures for systems utilizing the SMBv1 protocol are provided. △ Less

Submitted 26 January, 2024; originally announced January 2024.

Comments: 6 pages, 2 figures