MS17-010 SMB Vulnerability (EternalBlue)

This vulnerability affects multiple versions of Windows:

  • Windows Vista
  • Windows 7
  • Windows Server 2008
  • Windows 8.1
  • Windows Server 2012
  • Windows 10
  • Windows Server 2016

To scan for eternal blue vulnerability

Using #nmap_scripts:

  • smb-vuln-ms17-010

Using MSF modules:

  • auxiliary/scanner/smb/smb_ms17_010

Autoblue tool for exploiting:

:LiGithub:https://github.com/3ndG4me/AutoBlue-MS17-010
  1. first create a stageless shell using ./shell_prep.sh in /shellcode
  2. run netcat on the provided port
  3. then run the eternalblue_exploit<windows version>.py script

MSF module to exploit:

  • exploit/windows/smb/ms17_010_eternalblue