search

3ndG4me / AutoBlue-MS17-010

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
MIT License
1.19k stars 311 forks source link

eternalblue_exploit7.py - INVALID_PARAMETER #15

Closed forensic65x closed 4 years ago

forensic65x commented 4 years ago

I've confirmed the target is vulnerable (blue - HTB).

I've created the shellcode without errors.

I've started the listener without errors.

I get the following error when attempting the eternalblue exploit.

root@host/opt/AutoBlue-MS17-010# python eternalblue_exploit7.py 10.10.10.40 shellcode/sc_all.bin 12 shellcode size: 2203 numGroomConn: 12 Target OS: Windows 7 Professional 7601 Service Pack 1 SMB1 session setup allocate nonpaged pool success SMB1 session setup allocate nonpaged pool success good response status: INVALID_PARAMETER done

Any suggestions?

3ndG4me commented 4 years ago

Hi, this output is actually the sign of a successful execution and it is not an error. Is the exploit completing successfully (are you getting a shell?).

Sometime it doesn’t always work the first time.

forensic65x commented 4 years ago

Good catch. I didn't get a shell the first time. I didn't see any activity in the listener window so I assumed something didn't compile correctly. I should have tried again before opening an issue. Thanks for the quick response - second attempt got a shell.