PASSFREELY: Bypassing Oracle Database Authentication (ShadowBrokers)

The ShadowBrokers group recently released an archive of exploits, tools and utilities used by the NSA to compromise various Windows servers and Oracle databases. We investigated the database-related archives further to find interesting tools and exploits. This archive contains a tool called PASSFREELY that can be used to bypass Oracle Database authentication. This tool patches the Oracle …

Doublepulsar backdoor spreading rapidly in the wild

On April 14, 2017, the mysterious hacking group ShadowBrokers released cyber-spying tools allegedly employed by the U.S. National Security Agency. This week, it was reported that more than 300,000 Windows machines are affected by a backdoor called “Doublepulsar” from the tools. This blog post covers what “Doublepulsar” is and how we detect it. …

ShadowBrokers NSA Tool Dump

On Friday, April 14, 2017, the mysterious hacking group ShadowBrokers released over 300MB of NSA hacking tools and exploits. The dump is hosted as a Yandex disk with password “Reeeeeeeeeeeeeee”. The current dump contains 3 folders (oddjob, windows, swift), as described below, and a detailed list of the contents can be found here. oddjob: An implant builder …