EternalBlue Windows 7
Jump to navigation
Jump to search
In this lab, we will learn how to use the EternalBlue vulnerability on an unpatched Windows 7 host. This exploit was linked to the NSA but has since been patched on all windows versions. We will use Metasploit on Kali Linux to make this process a little easier.
- EternalBlue
- Linux
- Security
- Metasploit
starting up metasploit
on the Kali VM we are going to open terminal and type the following commands:
service postgresql start msfconsole
we are then going to use the search command to see what Modules are available:
search eternalblue
you should see something like this:
Matching Modules ================ Name Disclosure Date Rank Check Description ---- --------------- ---- ----- ----------- auxiliary/admin/smb/ms17_010_command 2017-03-14 normal Yes MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution auxiliary/scanner/smb/smb_ms17_010 normal Yes MS17-010 SMB RCE Detection exploit/windows/smb/ms17_010_eternalblue 2017-03-14 average No MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption exploit/windows/smb/ms17_010_eternalblue_win8 2017-03-14 average No MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+ exploit/windows/smb/ms17_010_psexec 2017-03-14 normal No MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
Some Basic Bash Programming
This section will introduce you to looping in bash. Open a new text editor window and paste in the following code.
#!/bin/bash
for i in {1..5}
do
echo "Hello World!"
sleep 1s
done
