credit: @GossiTheDog: "If you want to set up FUZZBUNCH (the Equation exploit framework) you need Win7 VM + Python 2.6 + Pywin 2.6, then python fb.py for shell"
h/t @x0rz @DEYCrypt @hackerfantastic
context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/
decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation
750BTC: https://bit.surf:43110/theshadowbrokers.bit/page/windows/ (if it's up)
install Windows XP/7 32-bit
turn Windows Firewall off?
install Python 2.6: https://www.python.org/ftp/python/2.6.6/python-2.6.6.msi
(be sure to add Python to your PATH environment variable!)
install Pywin 2.6: https://sourceforge.net/projects/pywin32/files/pywin32/Build%20221/pywin32-221.win32-py2.6.exe/download
Download Framework: https://github.com/x0rz/EQGRP_Lost_in_Translation/archive/master.zip
unzip the archive
...
cd windows
mkdir listeningposts
python fb.py
Can be run under Wine: https://github.com/knightmare2600/ShadowBrokers
DanderSpritz:
install Java 1.6: http://www.oldversion.com/windows/java-platform/
python start_lp.py
(calls Start.jar)
I personally prefer this Win32 Command Prompt replacement: https://github.com/cbucher/console
Best lead I have on resolving that issue is the Twitter conversation here: https://twitter.com/Ylujion/status/853311498495676417
Edit:
A blog post on using DanderSpritz: https://hackernoon.com/a-quick-look-at-the-nsa-exploits-dander-spiritz-trojan-1b5428b0ee65