README

Data hosted and ReadMe file provided by AZSecure Data and the University of Arizona Artificial Intelligence Lab. Citation information below.

SEBER-PCAP.zip file (3.7 MB, 1.9 MB compressed) contains:
doublepulsar-backdoor-connect-win7.pcap
eternalblue-failed-patched-win7.pcap
eternalblue-success-unpatched-win7.pcap
eternalromance-doublepulsar-meterpreter.pcap
eternalromance-success-2008r2.pcap
metasploit-ms017-010-win7x64.pcap
README.tct
SEBER-PCAP-readme.txt

DESCRIPTION
This dataset comprises PCAP data from the EternalBlue and EternalRomance malware.  These PCAPs capture the actual exploits in action, on target systems that had not yet been patched to defeat to the exploits.  The EternalBlue PCAP data uses a Windows 7 target machine, whereas the EternalRomance PCAP data uses a Windows 2008r2 target machine.  Also included is EternalBlue PCAP data for a patched Windows 7 target machine showing the failed exploit.

More information available at http://www.ericconrad.com/2017/04/shadowbrokers-pcaps-etc.html
https://cyber.gd/shadowbrokers



file types: PCAP

Date range of data: Collected April 2017

Collection method: The PCAP data was collected in an environment controlled by the author, using Wireshark.

Topics covered or keywords used: EternalBlue, EternalRomance, Metasploit, DoublePulsar, Windows, 2008r2, PCAP, Shadowbrokers






HOW TO CITE THIS DATASET

Author(s): Eric Conrad

Title:  Shadowbrokers EternalBlue/EternalRomance PCAP Dataset

Publisher: University of Arizona Artificial Intelligence Lab, AZSecure Data

Location: Copy and paste the location where you retrieve this file from within http://www.azsecure-data.org/ 

Publication date: May 2018


IEEE formatted citation:
E. Conrad, Shadowbrokers EternalBlue/EternalRomance PCAP Dataset, University of Arizona Artificial Intelligence Lab, AZSecure Data. Available http://www.azsecure-data.org/ [2018]