Reverse engineering the EXTRABACON exploit

Below is a link to a complete breakdown of the EXTRABACON exploit, which was dumped by the hacking group ShadowBrokers.

This vulnerability can exploit ASA 9.2(3) code, so be sure to patch any ASA’s. Tldr; check out the article below if you’re interested in how the exploit works!

Side note: SNMP must be exposed to the attacker, and know the SNMP community string for the attack to work.

https://zerosum0x0.blogspot.com.au/2016/09/reverse-engineering-cisco-asa-for.html

About The Author

Timothy

Timothy started his networking career in 2014, working for one of the largest telecommunication operators in Australia. When he's not working, he's obsessing over German Shepherd Dogs.

Close