Tag Archives: WannaCry

Eternal Blues

Eternal Blues is a free EternalBlue vulnerability scanner. It helps finding the blind spots in your network, these endpoints that are still vulnerable to EternalBlue.

Just hit the SCAN button and you will immediately start to get which of your computers are vulnerable and which aren’t. That’s it.

EternalBlues_0.0.0.8

If you wish, you can switch networks, or edit your own (yeah, you can also scan the world wide web if you wish). Please use it for good cause only. We have enough bad guys already…

DOWNLOAD HERE

Follow for latest updates twitterbird_RGB

 

Was this tool tested in real networks?

Oh yeah. Obviously I cannot say which, but with almost every network I connected to, there were a few vulnerable computers.

IMPORTANT: It does *not* exploit the vulnerability, but just checks whether it is exploitable.

July 12, 2017: Worldwide statistics are available
August 7, 2017: Stats explained

Yet another vulnerability scanner?

There are many vulnerability scanners out there. So… why did I create another? Mainly for the ease of use. The majority of latest WannaCry, NoPetya (Petya, GoldenEye or whatever) victims, are not technical organizations and sometimes just small business who don’t have a security team, or even just an IT team to help them mitigate this. Running NMap, Metasploit (not to mention more commercial products) is something they will never do. I aimed to create a simple ‘one-button’ tool that tells you one thing and one thing only – which systems are vulnerable in your network.

 

Notes

This is a free tool provided for your benefit & security. I don’t charge for it.  It is here to help you and also to help me getting worldwide statistics. Learn more about it.

 

Tips

  • If you’re about to run it in your working environment, please update the IT/Security team in advance. You don’t want to cause (IDS/IPS/AV) false alarms
  • If vulnerable systems were found – please take a Windows update asap

  • For God’s sake, please disable SMBv1 already. Whether your systems are patched or not. This protocol was written over 3 decades ago…!
  • If you would like to enjoy the tool but disallow sending anonymous statistics (which is so uncool), disable access to my website

 

Final words

I really hope this can help people and organizations protecting against the next attack.

This is a no-guarantees-use-at-your-own-risk tool.

Special thanks to Jonathan Smith for his contribution!

Please share your feedback -

  • Twitter: Omerez
  • LinkedIn: Elad Erez
  • Email: EternalBlues!omerez.com (replace ‘!’ with ‘@’)
  • Comment below

DOWNLOAD HERE (Learn more in version history)