GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → peterpt → fuzzbunch

peterpt / fuzzbunch

Licence: other
Shadow Brokers NSA fuzzbunch tool leak . With windows auto instalation script

Programming Languages

python
139335 projects - #7 most used programming language
XSLT
1337 projects
PostScript
262 projects
perl
6916 projects
XS
67 projects
Batchfile
5799 projects
Classic ASP
548 projects

Fuzzbunch

Fuzzbuch is a shadowbrokers framework leak tool from N.S.A.

** Original Repository

How to install

  • download the package from https://github.com/peterpt/fuzzbunch/archive/master.zip

  • extract it to your hard disk

  • run install.bat on windows XP 32bit only or windows 7 32bit only

  • copy the shortcuts : (fuzzbunch console , fuzzbunch java , fuzzbunch config) inside c:\fuzzbunch-master\dependencies to your desktop

  • When running fuzzbunch java link , make sure you write on the logs path (D:\Logs\PROJECT_NAME)

  • After loading fuzzbunch java link (gui) , write pc_prep on fuzzbunch console to prepare the payload

Requirements

  • User must have a d:\ hard disk drive partition or user have to create a virtual folder and assign it as a drive

  • For those that do not have a D: drive : create a folder in your drive c: with this name "drived" , then open a command line (cmd) and run this command : (subst d: c:\drived)

  • Important : make sure you dont have a CD drive assigned to drive d: , in case you have then change its drive letter https://www.computerhope.com/issues/ch000038.htm

Advices

  • It is advised to use a Virtual Machine windows XP/7 32bit image to install this git

Instalation Video

How does Fuzzbunch Works

Exploits

  • EARLYSHOVEL RedHat 7.0 - 7.1 Sendmail 8.11.x exploit
  • EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86.
  • ECHOWRECKER remote Samba 3.0.x Linux exploit.
  • EASYBEE appears to be an MDaemon email server vulnerability
  • EASYFUN EasyFun 2.2.0 Exploit for WDaemon / IIS MDaemon/WorldClient pre 9.5.6
  • EASYPI is an IBM Lotus Notes exploit that gets detected as Stuxnet
  • EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 & 7.0.2
  • EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor
  • ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges (MS17-010)
  • EDUCATEDSCHOLAR is a SMB exploit (MS09-050)
  • EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 (MS10-061)
  • EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino 6.6.4 to 8.5.2
  • ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client's side to send an email to other users
  • EPICHERO 0-day exploit (RCE) for Avaya Call Server
  • ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003
  • ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 SP0 (MS17-010)
  • ETERNALBLUE is a SMBv2 exploit for Windows 7 SP1 (MS17-010)
  • ETERNALCHAMPION is a SMBv1 exploit
  • ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers
  • ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003
  • ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later (MS08-067)
  • ETRE is an exploit for IMail 8.10 to 8.22
  • ETCETERABLUE is an exploit for IMail 7.04 to 8.05
  • FUZZBUNCH is an exploit framework, similar to MetaSploit
  • ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendors
  • EXPIREDPAYCHECK IIS6 exploit
  • EAGERLEVER NBT/SMB exploit for Windows NT4.0, 2000, XP SP1 & SP2, 2003 SP1 & Base Release
  • EASYFUN WordClient / IIS6.0 exploit
  • ESSAYKEYNOTE
  • EVADEFRED

Utilities

  • PASSFREELY utility which "Bypasses authentication for Oracle servers"
  • SMBTOUCH check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCE
  • ERRATICGOPHERTOUCH Check if the target is running some RPC
  • IISTOUCH check if the running IIS version is vulnerable
  • RPCOUTCH get info about windows via RPC
  • DOPU used to connect to machines exploited by ETERNALCHAMPIONS
  • NAMEDPIPETOUCH Utility to test for a predefined list of named pipes, mostly AV detection. User can add checks for custom named pipes.

Thanks to

Not very disclosed

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].