深入分析NSA用了5年的IIS漏洞
Tags
attack-pattern: Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID b0a0e88e-4d67-4579-9322-019ef921a4db
Fingerprint fc009211747f5387
Analysis status DONE
Considered CTI value 0
Text language
Published April 18, 2017, 8:07 a.m.
Added to db Jan. 19, 2023, 12:04 a.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline 深入分析NSA用了5年的IIS漏洞
Title 深入分析NSA用了5年的IIS漏洞
Detected Hints/Tags/Attributes 15/1/21
Source URLs
Redirection Url
Details Source https://xlab.tencent.com/cn/2017/04/18/nsa-iis-vulnerability-analysis/
URL Provider
Details Provider Source level domain
Details tencent.com xlab.tencent.com
Attributes
Details Type #Events CTI Value
Details CVE 38 
cve-2017-7269
Details Domain 4128 
github.com
Details Domain 243 
cve.mitre.org
Details Domain 1 
0patch.blogspot.com
Details Domain 26 
cansecwest.com
Details Domain 1 
www.mouseos.com
Details File 1122 
svchost.exe
Details File 128 
w3wp.exe
Details File 312 
calc.exe
Details File 2 
httpext.dll
Details File 2 
0patching-immortal-cve-2017-7269.html
Details File 1 
rop-jit.pdf
Details File 1 
kifastcallentry.html
Details Github username 2 
edwardz246003
Details Github username 1 
skylined
Details Url 1 
https://github.com/edwardz246003/iis_exploit
Details Url 106 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve
Details Url 1 
https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html
Details Url 1 
https://cansecwest.com/slides/2013/dep-aslr
Details Url 1 
http://www.mouseos.com/windows/kernel/kifastcallentry.html
Details Url 1 
https://github.com/skylined/alpha3