module
FannyBMP or DementiaWheel Detection Registry Check
| Disclosed | Created |
|---|---|
| 01/01/1970 | 01/26/2021 |
Disclosed
01/01/1970
Created
01/26/2021
Description
This module searches for the Fanny.bmp worm related reg keys.
fannybmp is a worm that exploited zero day vulns
(more specifically, the LNK Exploit CVE-2010-2568).
Which allowed it to spread even if USB Autorun was turned off.
This is the same exploit that was used in StuxNet.
fannybmp is a worm that exploited zero day vulns
(more specifically, the LNK Exploit CVE-2010-2568).
Which allowed it to spread even if USB Autorun was turned off.
This is the same exploit that was used in StuxNet.
Author
William M.
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use post/windows/gather/forensics/fanny_bmp_check
msf /(k) > show actions
...actions...
msf /(k) > set ACTION < action-name >
msf /(k) > show options
...show and set options...
msf /(k) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.