![]()
Selecting the exploit and displaying available options: Starting MSFconsole and searching for ms17-010: I have previously exploited this vulnerability manually, using both scripts from Exploit DB and scripts found on GitHub, so this time I will simply use the ms17_010_eternalblue Metasploit module. The scripts found that the host is vulnerable to the MS17-010 Eternal Blue vulnerability. Nmap has a number of “smb-vuln-msxx-xxx” scripts that can be used to test the SMB service for public exploits. I then ran another Nmap scan to check for any known vulnerabilities within the SMB service. The next step was to run a Nmap scan on ports 139 and 445 with all SMB enumeration scripts, to further enumerate this service. The only ports that can be enumerated at the moment are 139 (SMB) and potentially 135 (RPC), as all other ports are used for MSRPC.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |