|
|
|
|
|
|
by zigzigzag
3322 days ago
|
|
|
I looked there. It doesn't explain anything beyond mentioning that the exploit involves heap manipulation. The Metasploit eternalblue module simply runs an interpreter for a long set of commands that send massive binary blobs over the wire in a particular sequence. To me this looks like a cleaned up WireShark trace rather than anything based on true understanding of what it really does. As far as I can tell the only people who understand what these packets are doing to Windows are TAO and probably one or two developers at Microsoft. |
|
|