List of Equation Group Exploits!

It has been sometime since the Shadow Brokers released a major cache of tools and exploits used/created by the Equation Group. This post is an attempt at listing only the exploits and their names from the last two; Linux and Windows, Equation Group dumps. These are the dump details:

eqgrp-auction-file.tar.xz
Password: CrDj"(;Va.*NdlnzB9M?@K2)#>deB7mN
Decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation

eqgrp-free-file.tar.xz
Password: theequationgroup
Decrypted files: https://github.com/samgranger/EQGRP

If you have any details to add/share tweet @pentestit.

Equation Group
Equation Group


NameOSApplicationCVEVersion
EARLYSHOVELRedHat 7/7.1SendmailCVE-2003-0681+CVE-2003-06948.11.x
EASYBEEMdaemonWebAdmin9.5.2-10.1.2 (except 10.0.0)
EASYPILotus ccMailNT/2K/XP/2K3
EBBISLANDSolaris 6-10RPC/XDR2.6 - 2.10
EBBISHAVESolaris 6-10RPC/XDR
ECHOWRECKERLinuxSamba 3.0.x
ECLIPSEDWINGMicrosoft WindowsServer ServiceMS08-0672K All/XP SP1-SP3/2K3 SP0+SP1+SP2
EDUCATEDSCHOLARMicrosoft WindowsSMBv1?MS09-050Vista SP1+SP2/2K8 SP1+SP2
EVENLESSONLinux< OpenSSL 0.9.6d x86
EASYFUNWDaemon/MDaemon WorldClient< 9.5.6
EMRALDTHREADMicrosoft WindowsSMBv1?MS10-061XP SP1+SP2+SP3/SK3 SP0+SP1+SP2
EMPHASISMINELotus Domino6.5.4-6.5.5FP1 + 7.0-8.5.2
ENGLISHMANSDENTISTMicrosoft WindowsExchange WebAccess2010?
EPICHEROAvayaCall Server
ERRATICGOPHERSMBv12K SP4/XP SP2+SP3/2K3 SP0+SP1+SP2
ESKIMOROLLMicrosoft WindowsKerberos ServiceMS14-0682K/2K3/2K3 R2/2008/2008 R2
ESTEEMAUDITMicrosoft WindowsRDPXP SP0+SP1+SP2+SP3/2K3 SP0+SP1+SP2
ETERNALBLUEMicrosoft WindowsSMBv2/NBTMS17-010XP SP0+SP1+SP2+SP3/2K3 SP0+SP1+SP2/Vista SP0+SP1+SP2/2008 SP0+SP1+SP2+2008 R2 SP0+SP1/7 SP0+SP1
ETERNALCHAMPIONMicrosoft WindowsSMBv1/SMBv2?MS17-010XP SP0+SP1+SP2/2K3 SP0+SP1+SP2/Vista SP0+SP1+SP2/2008 SP0+SP1+SP2/7 SP0+SP1/2008 R2 SP0+SP1/8 SP0
ETERNALROMANCEMicrosoft WindowsSMBv1MS17-010XP/2K3 SP0+SP1+SP2/Vista SP0+SP1+SP2/2008 SP0+SP1+SP2/2008 R2 SP0+SP1/7 SP0+SP1
ETERNALSYNERGYMicrosoft WindowsSMBv3MS17-0108 SP0/2012 SP0
ETREIMAIL8.10 - 8.22
EWOKFRENZYLotus Domino6.5.4 - 7.0.2
EXPLODINGCANMicrosoft WindowsIIS 6(Webdav)CVE-2017-72692K3 SP0+SP1+SP2
ZIPPYBEERMicrosoft WindowsDC
ESMARKCONANTphpBB< 2.0.11
ELIDESKEWSquirrelMailCVE-2004-13151.4.0-1.4.7
ELITEHAMMERRedFlag WebMail4
ENVISIONCOLLISIONIP Board
COTTONAXELiteSpeed WebServer
EERedHat 7.3proFTPdCVE-2011-41301.2.8
CATFLAPSolaris 7-9
TOOLTALKDEC/IRIX/Solaris 2.6Tooltalk
VIOLENTSPIRITSolaris 2.6-2.9ttsession
EGGBASKETSPARCNetScape Enterprise Server3.5
ELECTRICSLIDE?Squid
EMBERSNOUTRedHat 9.0httpd
ENGAGENAUGHTYmod_ssl
ENTERSEEDPostFix2.0.8-2.1.5
ERRGENTLEExim3.22-3.35
EXPOSITTRAGpcnfsd2.x
EXTINCTSPINASHChili!Soft ASP/Cobalt RaQ?
KWIKEMARTOpenSSHOpenssh-2.1.1
STATDXRedHat 6.0-6.2rpc.statd
TELEXtelnetd
TOFFEEHAMMERCGIMail
VS-VIOLETSolaris 2.6-2.9XDMCP
EMPTYBOWLAsia Info Message Center 2.9.5.1
ENGLANDBOGYXorg/Ubuntu/MandrakeSoft Linux/SuSE Linux/RedHat CoreXorg X11R7 1.0.1+X11R7 1.0+X11R6 6.9/MandrakeSoft Linux 10.2/Ubuntu 5.0.4/SuSE Linux 10.0/RedHat Fedora Core5/MandrakeSoft Linux 2006.0
ELEGANTEAGLEcPanel
EXCELBERWICKXMLRPC (xmlrpc.php)
ERRGENTLEExim3.22-3.35
EGREGIOUSBLUNDER FortiOS?Fortigate FGT_60-v300CVE-2006-6493?60, 60M, 80C, 200A, 300A, 400A, 500A, 620B, 800, 5000, 1000A, 3600, 3600A
ELIGIBLEBOMBSHELL Chinese TOPSEC Firewall3.3.005.057.1 - 3.3.010.024.1
EXTRABACONCiscoCisco Adaptive Security ApplianceCVE-2016-6366v8.0(2) - v8.4(4)
BANANAGLEEJuniper Netscreen
ELIGIBLEBACHELORChinese TOPSEC Firewall3.2.100.010, 3.3.001.050, 3.3.002.021, 3.3.002.030
ELIGIBLECANDIDATEChinese TOPSEC Firewall3.3.005.057.1 - 3.3.010.024.1
ELIGIBLECONTESTANTChinese TOPSEC Firewall< 3.3
EPICBANANACiscoCisco Adaptive Security ApplianceCVE-2016-6367ASA - 711, 712, 721, 722, 723, 724, 80432, 804, 805, 822, 823, 824, 825, 831, 832 / PIX - 711, 712, 721, 722, 723, 724, 804
ESCALATEPLOWMANWatchGuard
BOOKISHMUTERedHat 6?

A good archive of all of the Equation Group dumps can be found here.