Jump to content
🎅🎄 Signup today to get free TorrentLeech or ProAudioTorrents Invite! Get access to premium trackers, free seedboxes by signing up. Buy, Trade, Sell Or Find Free Invites for HDBits, PTP, Empornium, PrivateHD, Sinderella, etc 🎅🎄 ×

Critics fume after Github removes exploit code for Exchange vulnerabilities - Piracy News and Crypto Updates - InviteHawk - Your Only Source for Free Torrent Invites

Buy, Sell, Trade or Find Free Torrent Invites for Private Torrent Trackers Such As redacted, blutopia, losslessclub, femdomcult, filelist, Chdbits, Uhdbits, empornium, iptorrents, hdbits, gazellegames, animebytes, privatehd, myspleen, torrentleech, morethantv, bibliotik, alpharatio, blady, passthepopcorn, brokenstones, pornbay, cgpeers, cinemageddon, broadcasthenet, learnbits, torrentseeds, beyondhd, cinemaz, u2.dmhy, Karagarga, PTerclub, Nyaa.si, Polishtracker etc.

Sponsored Seedbox | VPN
Request Free IPTV Trial

Critics fume after Github removes exploit code for Exchange vulnerabilities

Chewy_fox
 Share

Recommended Posts

Chewy_fox Invite Master

Chewy_fox

Github has ignited a firestorm after the Microsoft-owned code-sharing repository removed a proof-of-concept exploit for critical vulnerabilities in Microsoft Exchange that have led to as many as 100,000 server infections in recent weeks.

ProxyLogon is the name that researchers have given both to the four Exchange vulnerabilities under attack in the wild and the code that exploits them. Researchers say that Hafnium, a state-sponsored hacking group based in China, started exploiting ProxyLogon in January, and within a few weeks, five other APTs—short for advanced persistent threat groups—followed suit. To date, no fewer than 10 APTs have used ProxyLogon to target servers around the world.

FURTHER READING

There’s a vexing mystery surrounding the 0-day attacks on Exchange servers

Microsoft issued emergency patches last week, but as of Tuesday, an estimated 125,000 Exchange servers had yet to install it, security firm Palo Alto Networks said. The FBI and the Cybersecurity and Infrastructure Security Agency have warned that ProxyLogon poses a serious threat to businesses, nonprofits, and government agencies that remain vulnerable.

On Wednesday, a researcher published what’s believed to be the first largely working proof-of-concept (PoC) exploit for the vulnerabilities. Based in Vietnam, the researcher also published a post on Medium describing how the exploit works. With a few tweaks, hackers would have most of what they needed to launch their own in-the-wild RCEs, security speak for remote code execution exploits.

Publishing PoC exploits for patched vulnerabilities is a standard practice among security researchers. It helps them understand how the attacks work so that they can build better defenses. The open source Metasploit hacking framework provides all the tools needed to exploit tens of thousands of patched exploits and is used by black hats and white hats alike.

Within hours of the PoC going live, however, Github removed it. By Thursday, some researchers were fuming about the takedown. Critics accused Microsoft of censoring content of vital interest to the security community because it harmed Microsoft interests. Some critics pledged to remove large bodies of their work on Github in response.

“Wow, I am completely speechless here,” Dave Kennedy, founder of security firm TrustedSec, wrote on Twitter. “Microsoft really did remove the PoC code from Github. This is huge, removing a security researcher's code from GitHub against their own product and which has already been patched.”

TrustedSec is one of countless security firms that has been overwhelmed by desperate calls from organizations hit by ProxyLogon. Plenty of Kennedy’s peers agreed with his sentiments.

“Is there a benefit to metasploit, or is literally everyone who uses it a script kiddie?” said Tavis Ormandy, a member of Google’s Project Zero, a vulnerability research group that regularly publishes PoCs almost immediately after a patch becomes available. “It’s unfortunate that there’s no way to share research and tools with professionals without also sharing them with attackers, but many people (like me) believe the benefits outweigh the risks.

Some researchers claimed Github had a double standard that allowed PoC code for patched vulnerabilities affecting other organizations’ software but removed them for Microsoft products. Microsoft declined to comment, and Github didn’t respond to an email seeking comment.

A dissenting view

Marcus Hutchins, a security researcher at Kryptos Logic, pushed back on those critics. He said Github has indeed removed PoCs for patched vulnerabilities affecting non-Microsoft software. He also made a case for Github removing the Exchange exploit.

“I’ve seen Github remove malicious code before, and not just code targeted at Microsoft products,” he told me in a direct message. “I highly doubt MS played any role in the removal and it just simply fell afoul of Github’s ‘Active malware or exploits’ policy in the [terms of service], due to the exploit being extremely recent and the large number of servers at imminent risk of ransomware.”

Responding to Kennedy on Twitter, Hutchins added, "'Has already been patched.' Dude, there’s more than 50,000 unpatched exchange servers out there. Releasing a full ready to go RCE chain is not security research, it’s recklessness and stupid.”

A post published by Motherboard provided a statement from Github that confirmed Hutchins’ guess that the PoC was removed because it violated Github's terms of service. The statement read:

We understand that the publication and distribution of proof of concept exploit code has educational and research value to the security community, and our goal is to balance that benefit with keeping the broader ecosystem safe. In accordance with our Acceptable Use Policies, we disabled the gist following reports that it contains proof of concept code for a recently disclosed vulnerability that is being actively exploited.

The PoC removed from Github remains available on archive sites. Ars isn’t linking to it or the Medium post until more servers are patched.

Link to comment
Share on other sites
Silent Watcher Invite King

Silent Watcher

Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and user will be warned if it happens again. If caught spamming, the following actions are applicable -

  • First time - Warning
  • Second time - 5000 Points will be deducted
  • Third time - Ban for 7 days
  • Fourth time - Permanent Ban

If the post helped you, reward the user by reacting to the post like this -

1.jpg

Link to comment
Share on other sites
The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Read this before posting -
  • Only post if you have something valuable to contribute.
  • Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and you will be warned if it happens again.
  • If the post helped you, reward the user by reacting to the post like this -                      1.jpg
Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Customer Reviews

    lazytime77
    Wow! This is my first time buying an invite from J.Stash (and on InviteHawk) and I am very happy with the results. This is 100% the real deal. I'll keep coming back for more. Thank you so much for putting this site up. This place is a gem!
    GlitterBow6
    An excellent experience from start to finish! J.Stash was very knowledgeable and responsive throughout the entire process. What's more, J.Stash was highly professional and courteous, always taking time to answer any questions that I had. I greatly recommend this seller and would definitely purchase from J.Stash again!!
    goon64
    J.Stash has my full recommendation. It's rare to work with a seller who possesses and demonstrates not just integrity and quick delivery, but Ethan also went above and beyond when there were issues with the product (not his fault at all). Thank you J.Stash.
    insomniac
    Purchased an invite from J.Stash, the seller was very professional and fast with their turn around times. The price was amazing and the whole site is absolutely amazing. will definitely purchase more from him. I have been searching for an invite for this website for many months and J.Stash solved my request faster than lightning.
    ChocoPie
    Bought Crunchyroll Premium upgrade from J.Stash It works, my account is now premium and I have access to all the shows! Thanks a lot J.Stash for having this wonderful service among many other amazing services in your portfolio! Highly recommend purchasing from J.Stash! This is one of the many successful orders he has processed for me!
    ChocoPie
    Registered an account on InviteHawk and placed an order for 6 different trackers with J.Stash Got all of them delivered in less than 60 mins! How does he do it? 🙂 He is brilliantly fast! Absolutely love his service and communication efforts! Thanks J.Stash! You rock 🙂 This has been by far the best experience I have ever had buying invites for private trackers.
    capri28790
    Everything went just perfect. He makes me a very good impression both as person and as professional seller. Glad I found this site and met him virtually here. I wish I could spread the word about, but since this is not quit a good idea, I just want to share with other users here my best appreciations regarding J.Stash. Highly recommended: good communication, safe shop, fast delivery.
    BUTTHEADBILL
    Purchased a Spotify upgrade through him and used bitcoin and found the entire experience to be great. I am a total newbie to this site. And I wasn't sure what to expect. I am so amazed at how fast this was handled and how great everything went.
    renascor
    In all my years of finding affordable services throughout the web, I have found no provider more responsive, more committed to excellent customer service, or more accountable to keeping to the terms of the services being obtained. When something stops working, the issues are addressed ASAP. When any questions arrive, they are responded to promptly. When situations arrive post service rendered even months down the road, J.Stash has your back to help navigate through them. Highly recommended.
    flipsie
    Bought a VIP access to the forum and got exactly what I wanted+more within reasonable time! Second time buying from J.Stash and my experience was exceptional, like last time. Would definitely buy from him again in there near future.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept