Android app “tests” Windows vulnerability

[Image: android_windows_vulnerability_checker]

An Android app for “testing” the Windows SMB2 vulnerability we covered last week has been released. For testing? Yeah right! The availability of this kind of software makes it ridiculously easy for anybody to go out and cause some havoc. Go right now and double-check that your machines running Windows Vista or Windows Server 2008 are protected (see the “workarounds” section).

[Thanks Tom101]

Comments

  1. Zencyde says:

    Oh, such sweet, blissful irony.

  2. luke says:

    I use OpenBSD.

  3. Oler says:

    Why is windows 7 not affected?

  4. aron says:

    worked on my windows 7 beta as well

  5. Mike Szczys says:

    @Oler and aron: There’s been some confusion about this. It seems that the release version of Windows 7 is unaffected but versions prior to that will be susceptible.

  6. Sander says:

    wow, the ip in that picture looks suspiciously a lot like my ip address…
    I’m glad that I use a mac.

  7. jamieriddles says:

    @Sander

    I hope you are being sarcastic

  8. Oler says:

    So windows 7 beta is affected. Anyone tried rc yet?

  9. vv says:

    Sander, you’re glad you use a mac because?
    Bloody Macfags, they can’t even count.

  10. andrew says:

    zomg it looks just like my ip address too! no way!

  11. Eddy the crab says:

    I’ve given similar apps a test. This one seems one of the best coded. Doesn’t crash when the ip can’t be found for example. Nice find.

  12. SoulSalmon says:

    Erm… am I missing something or did they just release a remote BSoD app?
    If they did I have a few IPs to obtain…

  13. Matthew says:

    let’s see an iphone do that!

  14. The_Evil_Machinist says:

    @Matthew, I’m porting it to iPhone right now. It will be in cydia asap!

  15. kamanashi says:

    @The_Evil_Machinist: What repo will it be on, as this should be a fun pra… I mean, don’t do that, too much chaos will fall on this world. ;)

  16. BiN4RY says:

    Sander, I hope you realize what you said made you sound like a complete idiot

  17. DarwinSurvivor says:

    Anyone know of a linux (not android-specific) version of this? I have a few windows machines at home that I would like to “test”.

  18. Marco says:

    Why would you want to test your home machines instead of just installing Microsoft’s patch?

  19. m0zzie says:

    Lame, this app is a rip off of the one posted in the comments of the SMB news last week:

    http://hackaday.com/2009/09/09/windows-7-and-vista-crash-via-smb-exploit/#comment-93162

    Why would you take a free app and make your own priced version and an ad-supported version to try and profit from?

    The flaw was not found by me, and even if it had been, why should I try to make money off it? It’s a testing tool for easy testing on your own home/office/clients networks.

    Not cool, Tom.

  20. Ricardo Jorge says:

    @Sander: ROTFL

    This looks like a fun app to have when college starts..mwawAHAWAHAWAHHAWHAA

  21. Brad says:

    @m0zzie

    you seem to not know the definition of the word ‘profit’

    why would anyone do anything for profit?

    you’re answering your own question

  22. m0zzie says:

    @Brad,

    Alright, I’ll rephrase – the question should’ve looked more like: why would you make yourself look like a jerk by attempting to profit from other people’s work/ideas/etc?

    The original tool I created was an Android PoC of Laurent Gaffié’s findings posted to seclists, provided for testing of their home/office/clients’ networks (or if people really wanted, for fun with their friends) for FREE.

    Sorry, I’m just a bit of an advocate of free software, free information, etc.
    If someone wants to profit from their own work, then that’s fine. However, taking others’ ideas or work and trying to make a profit from it – that’s simply not cool in my books.

  23. tom101 says:

    @m0zzie

    You’ve already contacted me on twitter to tell me off; you don’t need to do it here too. I didn’t rip off your app; I wasn’t aware of your app when I started mine. I was also inspired by Laurent Gaffié’s post. I’m not profiting at all; the couple of cents, and that really is all, that’s come of the advertising doesn’t nearly cover the $25 I paid to become a developer to publish it. You have a donate button on your site, I see the paid app as more or less the same thing. People are free to use whichever version they want; that’s one of the great things about the +10000 app market we have. I’m not interested in getting in a flame war.

  24. barry99705 says:

    @DarwinSurvivor

    http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/

    It’s the scs.py about mid page.

    @Oler

    Because Win7 and I believe the latest updates of Vista have the newer smb protocols.

    Basically if you run this against a computer and it bluescreens it means the computer is vulnerable to the conficker worm.

  25. Man, that’s scary. I think my pc’s safe though.

  26. binome says:

    last week i ended up throwing the python script on my ipod touch, tutorial at http://www.youtube.com/watch?v=7z-EpJo4vkE

  27. M4CGYV3R says:

    My roommate hates you for posting this :P

  28. Ynynymys says:

    Move over TV-B-Gone, here comes the SMB-B-Gone.

  29. spacecoyote says:

    any app that does this “for testing purposes” should only allow private network addresses (e.g. 192.168.x.x, 172.x.x.x, 10.x.x.x, and 127.0.0.1 (mwahaha))
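spacecoyote's suggestion above, as an added example (not code from the thread or from either app): a target check a test tool could run before sending anything. It goes slightly beyond the comment by using the exact RFC 1918 ranges, since only 172.16.0.0/12 is private rather than all of 172.x.x.x, and by refusing hostnames; `check_target` and `ALLOWED_NETS` are hypothetical names.

```python
import ipaddress

# RFC 1918 private ranges plus IPv4 loopback. Only 172.16.0.0/12 is
# private, not the whole of 172.x.x.x.
ALLOWED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def check_target(target: str):
    """Return (allowed, reason) for a user-supplied test target."""
    try:
        addr = ipaddress.ip_address(target.strip())
    except ValueError:
        # Hostnames are refused outright: a name can resolve to a public
        # address, or to a different address on the next lookup.
        return False, "not a literal IP address"
    if addr.version == 6:
        # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it is judged by the
        # same rules; other IPv6 is rejected (assumption: IPv4-only tool).
        if addr.ipv4_mapped is None:
            return False, "IPv6 targets not allowed"
        addr = addr.ipv4_mapped
    for net in ALLOWED_NETS:
        if addr in net:
            return True, f"inside {net}"
    return False, "outside private ranges"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the page.
    for sample in ("192.168.1.23", "172.16.5.4", "172.32.0.1", "8.8.8.8",
                   "::ffff:8.8.8.8", "fileserver.example", "127.0.0.1"):
        allowed, reason = check_target(sample)
        print(f"{sample:20} {'ALLOW' if allowed else 'DENY':5} {reason}")
```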

  30. moron4hire says:

    See, I thought Hack-a-Day was about the glory of smashing together bits of technology to make cool things happen, not about enabling good-for-nothing script kiddies.

  31. Sander says:

    I thought the same.

    anyway, I do feel kinda stupid right now, I guess I didn’t completely understand the article, and everything being in English doesn’t help a lot. the fact that I said that I’m glad at using a mac is because I thought this only occurs at windows.

    ugh.

  32. strider_mt2k says:

    Sander, it’s pretty clear what you were trying to say.

  33. Lulzcake says:

    @Sander

    The reason you were being mocked is that the 192.168.x.x is a class C IP address that is only used for internal networks. My ip starts with 192.168. as well, and so do a lot of other networks’ IP ranges.

    Similarly, the 127.0.0.1 address is the address that always points to your own computer – it is basically a virtual (e.g. not a physical one) that is used to connect to your own computer, for IPC stuff and some much more complicated stuff. So when someone says their IP is 127.0.0.1, they’re right, but so is yours, etc, to simplify.

  34. Sander says:

    @Lulzcake

    Ah, thanks a lot for taking the time to explain it to me, it’s a lot clearer to me now!
    The fact that I didn’t know this kinda made a fool out of me, lol.

    Thanks a lot.

  35. oler says:

    tested on iphone python
    My windows 7 rc box goes down but vista home 32 doesn’t.

  36. oler says:

    Now that i double checked the list of OSes that are vulnerable, i don’t get why the vista box doesn’t shut down.
    It’s right there on the list.
    Hmm portscan didn’t find the box.
    Aah silly me.
    That box is on a switch before my wlan.

  37. The_Evil_Machinist says:

    App’s done! Submitting to cydia (big boss repo). Tested, works, and has fun flashy colors! Will post link to pic of it after I get off work!

  38. tom101 says:

    @The_Evil_Machinist

    Nice going. I’ll swipe my sister’s ipod touch next chance I get and check it out.

  39. The_Evil_Machinist says:

    @tom101

    Needs approval still. I thought jailbreaking the iphone bypassed the approval process. Bullshit!
    OH HOLY BALLS WE HAVE CAPS!!!

  40. nasty nick says:

    started to bsod computers in my classroom, it’s so lulz. my goal is to crash the whole school’s computer system.

  41. tom101 says:

    @The_Evil_Machinist
    That is odd, suppose it’s to stop bricking apps and the like though. Caps…didn’t even notice until you pointed it out, how long have we had this? It wasn’t here the other week on the apple fake math post. It’ll be gone soon as someone comes along and shouts “F1R5T P0S7!!1!!ONE!!!”.

  42. The_Evil_Machinist says:

    @tom101
    lol and then they will end up with the second post. Please editors/mods/writers, take away caps! For the love of god. Also, still waiting on approval.

  43. moron4hire says:

    @nick
    Why do you have to crash every computer on the network? Why can’t you just tell the admins that the machines need to be patched?

  44. nasty nick says:

    @moron4hire

    i want them to know that it has to be fixed, and now. or else i will keep doing it. it’s fun as hell to watch my teacher cursing in Chinese as his computer bsod in the middle of logging grades, or during a presentation, and during roll call. it’s for teh lulz.

  45. The_Evil_Machinist says:

    Ok sad news for iPhone owners… Big Boss has rejected this app because of malicious content. (“_”) I’m crying inside. Well Time to set up my own repository!

  46. tom101 says:

    How can stuff get onto the official android repository but not an unofficial iphone one?

  47. The_Evil_Machinist says:

    The Jailbreak team is trying to prove that there is nothing wrong with what they’re doing. So they were trying to protect themselves and the jailbreak. There are unofficial ways of getting software onto cydia but setting up a cydia repository is quite hard (well for me). It all comes down to Apple vs Linux. If anyone is running os 2.whatever on their iphone or ipod touch, I can set up a download link to a xcode project file so you can just transfer it to the device for “debugging”. Apple got rid of that feature in os 3.0 because of shitheads like us!!

  48. steve says:

    hey i have a cydia repo running, i could host it. msg me on twitter @shuether and i’ll get it hosted…
