Ethical Hacking

William Bailey

MIS 5211.701 ■ Fall 2021 ■ William Bailey

Week 6: Metasploit

October 4, 2021 by William Bailey 9 Comments

This week we discussed Metasploit Framework, and some of the vulnerabilities we demonstrated were from 2008.  For this week’s discussion, relate to the class a “hack” that involved a vulnerability that had been “in the wild” for at least six months after the patch had been available.

 

Week Six Presentation (Handout)

 


Comments

  1. Eugene Angelo Tartaglione says

    October 5, 2021 at 10:16 am

    https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

    According to the following article, a Chinese cyber espionage unit is focused on stealing email from victim organizations. The group has exploited known vulnerabilities in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

    • Dhaval Patel says

      October 18, 2021 at 8:07 am

      This was actually the first hack/vulnerability that came to my mind. This hack caused a lot of disruption, and I believe the US government got involved as well, in the form of an investigation to possibly draft sanctions on China.

  2. Antonio Cozza says

    October 5, 2021 at 2:59 pm

    The most obvious example that comes to mind is the infamous EternalBlue exploit of Microsoft Windows systems which was developed by the NSA and hidden from Microsoft and the public for “more than 5 years.” EternalBlue was developed for security testing by the NSA, but was obtained by a hacker group known as Shadow Brokers, who used the exploit to take advantage of a major remote access vulnerability in Windows OSs, leading to its malicious implementation via the WannaCry ransomware in May 2017 and followed by the NotPetya ransomware attack in June 2017. The vulnerability has been documented as CVE-2017-0144, and was due to a critical error in SMBv1 handling of custom packets that ultimately gave external users remote code execution.

    https://en.wikipedia.org/wiki/EternalBlue

  3. Dhaval Patel says

    October 17, 2021 at 10:27 pm

    Not entirely six months, but for the second time, VMware had a vulnerability in their vCenter Servers. In September, CISA warned organizations that had not applied the patch that they should expect widespread exploitation, as the exploit code was publicly available. In June, CISA had issued another warning related to remote code execution on the vCenter Servers. The patch had been released in May, and weeks to months later thousands of devices remained unpatched and vulnerable.

    https://www.darkreading.com/vulnerabilities-threats/cisa-says-wide-exploitation-likely-of-new-vmware-center-server-flaw

  4. Tal Eidenzon says

    November 21, 2021 at 2:08 pm

    A well-known vulnerability with the name of Heartbleed was introduced into the TLS protocol in 2012, and involved the “overreading” of data that was appended. The appended data did not undergo input validation and therefore had the potential to include malicious code. Despite the disclosure of the vulnerability and accompanying release of a patch in 2014, as of 1 July 2019, Shodan reported that 91,063 devices were still vulnerable.

  5. Tal Eidenzon says

    November 21, 2021 at 2:08 pm

    A well-known vulnerability with the name of Heartbleed was introduced into the TLS protocol in 2012, and involved the “overreading” of data that was appended. The appended data did not undergo input validation and therefore had the potential to include malicious code. Despite the disclosure of the vulnerability and accompanying release of a patch in 2014, as of 1 July 2019, Shodan reported that 91,063 devices were still vulnerable.

    Shodan (11 July 2019). “[2019] Heartbleed Report”. Shodan. Archived from the original on 11 July 2019. Retrieved 11 July 2019.

  6. Krish Damany says

    December 5, 2021 at 1:30 pm

    https://9to5mac.com/2021/09/27/security-researcher-claims-3-zero-day-flaws-ios-15/

    In September, Apple released iOS 15 to the general public after about 3 months of beta and developer testing. In March, a security researcher explored and found 3 0-Day vulnerabilities. Apple failed to respond in time, and those 3 0-Days made their way onto iOS 15. This developer took those exploits and vulnerabilities to the public, and once that received great traction, Apple finally responded and issued a patch to make sure those 0-Days were gone.

  7. Andrew Nguyen says

    December 5, 2021 at 3:07 pm

    https://winbuzzer.com/2021/11/25/windows-installer-zero-day-exploit-spotted-being-used-in-the-wild-xcxwbn/

    Threat actors are using an exploit for Windows Installer in the wild. The zero-day vulnerability stems from another flaw that Microsoft has already patched.

    I find it interesting that zero-day vulnerabilities are so common now, and I am curious as to what companies are doing to combat this.

  8. Patrick Jurgelewicz says

    December 6, 2021 at 4:09 pm

    Although this is an older incident, the 2003 SQL Slammer worm infected 75,000 SQL servers in just 10 minutes. However, the vulnerability that this worm exploited had a patch available six months earlier.
    “The program exploited a buffer overflow bug in Microsoft’s SQL Server and Desktop Engine database products. Although the MS02-039 patch had been released six months earlier, many organizations had not yet applied it.”

    https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-039
    https://en.wikipedia.org/wiki/SQL_Slammer

