EternalBlue Exploit Tutorial – Doublepulsar With Metasploit (MS17-010)

What is Eternalblue?

EternalBlue.png

EternalBlue, sometimes stylized as ETERNALBLUE, is an exploit developed by the U.S. National Security Agency (NSA) according to testimony by former NSA employees.It was leaked by the Shadow Brokers hacker group on April 14, 2017, and was used as part of the worldwide WannaCry ransomware attack on May 12, 2017. The exploit was also used to help carry out the 2017 NotPetya cyberattack on June 27, 2017 and reported to be used as part of the Retefe banking trojan since at least September 5, 2017.

Module Name: exploit/windows/smb/ms17_010_eternalblue

Links:

Rapid7: https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue

Scanner: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_ms17_010.rb

Doublepulsar exploit: https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit

Liked it? Take a second to support Alexis on Patreon!
Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *