In this room we will exploit a machine using the Famous Exploit Eternal Blue Present in SMBv1 revealed by shadow Brokers

<aside> 💡 This Machine Is Available for Offline Download on the Website of Darksec (The Creator of the vulnerable Machine

</aside>

Downlaod the Machine Using this Link: https://drive.google.com/open?id=11f_wsW59Dh1fGvQCNUPK70lIWzlcg44_

After downloading Just Import The Machine into the Virtual Box and Then Start it.

1. Scanning

Let’s start the nmap to Scan the Machine

nmap <ip addr> | tee nmapscan.txt

Looking the results, we found 8 open ports among which 135,139,445 may be vulnerable due to smbv1

Let’s run a more intensive nmap scan to find service versions and a vuln script present in nmap

nmap -A --script=vuln <ip addr> | tee nmapscan1.txt

where:

• -A = for the Aggressive Scan
• —script=vuln = to use the vuln script of nmap