Eternal Blue Scan and Exploit Demo

It’s everywhere at the moment. ms17_010 or Eternal Blue as it’s affectionately known. It’s another great example of why it’s so important to not only keep your Anti Virus solution up to date, but also to install the latest patches for your OS.  This exploit requires just 2 things. That the port is open and that the required patch is not installed. In this demonstration we are attacking Windows Server 2008, setup using the Metasploitable 3 script from this project https://github.com/rapid7/metasploitable3

You can see that both the scanner and the exploit are built right into Metasploit and they are very easy to use. Patch your machines, Even if you think you can’t set up a test environment and try. Make good backups, and check that they work. Enjoy the video.

If you wanna setup Metasploitable 3 you need to do a bit of legwork, it doesn’t just work out of the box like it’s predecessor, and you need to install some prerequisites. The guides I used are here http://www.prodefence.org/2017/06/setup-metasploitable-3-windows-10/ and here  https://www.youtube.com/watch?v=i_K2cZcTXeI&t=580s