Reverse engineering the EXTRABACON exploit

Below is a link to a complete breakdown of the EXTRABACON exploit, which was dumped by the hacking group ShadowBrokers.

This vulnerability can exploit ASA 9.2(3) code, so be sure to patch any ASA’s. Tldr; check out the article below if you’re interested in how the exploit works!

Side note: SNMP must be exposed to the attacker, and know the SNMP community string for the attack to work.

https://zerosum0x0.blogspot.com.au/2016/09/reverse-engineering-cisco-asa-for.html

About The Author

Timothy started his networking career in 2014, working for one of the largest telecommunication operators in Australia. He has a passion for networking and cyber security. When he's not working, he's obsessing over German Shepherd Dogs.