Thread replies: 37
Thread images: 3
Thread images: 3
File: samba-remote-code-exploit.png (164KB, 728x380px) Image search:
[Google]
164KB, 728x380px
Is this it? A Samba Exploit for Linux was found and with it a Metasploit module was given,
LinuxCry incoming?
http://thehackernews.com/2017/05/samba-rce-exploit.html
>>
Who the fuck uses samba on Linux?
Everyone either uses NFS, (S)FTP, or SSHFS.
>>
>>60576307
I do I do
CIFS my guy
>>
alread fixed in:
debian: https://security-tracker.debian.org/tracker/CVE-2017-7494
ubuntu: http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7494.html
RHEL not affected. https://access.redhat.com/security/cve/CVE-2017-7494
suse:
https://www.suse.com/security/cve/CVE-2017-7494/
>>
>>60576307
FUCK YOU
there's always one faggot on /g/ that's smartass after something happens
>>
>>60576229
The difference is that samba isn't enabled on Linux by default and even when it is used, it doesn't use the weird older versions of the protocol that's exploitable.
>>
File: 1491007804839.jpg (95KB, 460x628px) Image search:
[Google]
95KB, 460x628px
>be autistic neet
>hired to reverse engineer SMB under an open source license
>try to make it as perfect as possible
>seven years later people are mad at me when they realize I implemented all the exploits as well
they should have been more specific
>>
>>60576229
>samba
kek
ok.
>>
>>60576366
He's not wrong. This is a specific niche use-case. It also requires things to be enabled that aren't out of the box (Samba, obviously). ETERNALBLUE was a zero-day that affected all unpatched machines by default.
>>
And still, at least 100.000 systems world wide are running vulnerable samba versions.
>>
Why have we started giving exploits special names?
>Holy shit, we just found a huge exploit in X that may be in use already
>(3 days later)
>Aren't you going to report it?
>Not yet, I'm too busy trying to think of a cool name for it
>>
>>60576229
>allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it,"
Wow, it's fucking nothing.
I mean, you need actual file write access to a Samba share to exploit it, which means either being inside the network or having a writeable Samba share open to the Internet.
>>
This vulnerability can only be used with writeable access. It's really not as bad as the windows ones.
>>
And a lot of routers, NAS-Servers and more are vulnerable.
Which arent patched that often.
So it could lead to a major problem.
Try to imagine a Trojan, using the latest released State-of-the-Art NSA farmed vulnerabilitys like EternalBlue/Romance etc. Or maybe some by shadowbrokers soon to be released zero Days for Win10. Paired with the latest samba and linux exploits and of course some worming compabilty.
Could be a hell of a interessting year
>>
>>60576307
Not possible with Windows.
> Using Windows
> 2017
My data storage should be universally accessible from any device: Windows PC, Mac PC, iPad, Android. Samba is the right tool for it.
>>
>>
>>60576463
Honestly, most of those devices are probably already part of botnets.
>>
>>60576307
Doesn't NFS stand for no fucking security?
>>
>>60576636
There's a whitelist.
>>
>>60576467
The only other device I use is android and it has no problems accessing my servers files over SSH or SFTP.
>>60576636
It stands for Network File System.
Yes, NFS should only be used in the local network and not expose to the internet, that's why I listed the others directly after NFS.
Samba/SMB/CIFS is a terrible piece of fucking shit. No one should have to be subjected to using such a terrible piece of software and protocol.
>>
>>60576636
>hosts.allow
>hosts.deny
>>
>>60576494
Ransomware is the least lucrative and most amateur use of these exploits anyway.
We'd actually need to thank the Wannacry devs for creating widespread awareness that shit is vulnerable.
>>
>>60576307
I do. My main machine is Windows so I need CIFS on my NAS.
>>
>>60576647
What is wrong with Samba? I never used anything else so for me it seems fine.
>>
>>60576307
>NFS, (S)FTP, or SSHFS
Samba is often the recommended way to share stuff between Linux machines because these things suck enormously.
>>
File: 1488293274799.jpg (711KB, 2746x2060px) Image search:
[Google]
711KB, 2746x2060px
>>60576229
I'd simply like to correct you for one moment. What you're alluding to as Linux, is really, GNU/Linux, or as I just the other day began to call it, GNU + Linux. Linux isn't an operating setup on its own, but really another free piece of a completely working GNU setup made useful by the GNU central libs, shell facilities and essential setup components completing a full OS.
Many computer holders use a flavor of the original setup daily, but do not realize. Because of a strange chance, the edition of GNU used now is often called "Linux", and many of its holders have no knowledge that it is practically the GNU setup, created by GNU.
There is in fact a Linux, and this population are using it, but it is simply a part of the setup they use. Linux is really core: the program in the setup that handles the machine's resources to the other programs that you run. The core is a necessary part of an operating setup, but cannot work on its own; it can only function in the context of a fully developed operating setup. Linux is normally paired with the GNU operating setup: the whole setup is practically GNU with Linux added on, or GNU/Linux. All the "Linux" releases are really releases of GNU/Linux.
>>
>>60576307
I do.
I have an Odroid with external HDD, which I share to my Windows™ PC's with Samba
>>
>>60576428
What about the logo?
>>
>>60576646
>>60576649
But there's no authentication of any kind. That's what has so far kept me from using NFS, it's all based on the IP of the computer accessing it.
>>
>>60576948
if you need security/privacy, you should be using SFTP
>>
>>60576229
>finally linux fags will got it too
>REEEEEEEEEEEEEEEEEE
Too bad, most people don't use samba and it's used on osx too, but please ignore that as MS is friendly towards Apple.
>>
>>60576998
That's a stupid idea for NAS usage, which CIFS (samba) is meant for.
>>
>>60577238
if you just need basic auth, then use NFS with kerberos
>>
Does this affect FreeBSD (or specifically FreeNAS)?
>>
>>60577833
If it is running an affected Samba version, yes.
>>
>>60577265
adding a new service in your system in response to covering another services weakness is definately the way to go. Why should an attacker be limited to one thing to hack and give them the opportunity to exploit interdepenancies.
>>
>>60578449
>adding a new service in your system in response to covering another services weakness is definately the way to go.
it's the UNIX way
Thread posts: 37
Thread images: 3
Thread images: 3