search

Telefonica / Eternalblue-Doublepulsar-Metasploit

Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.
GNU Lesser General Public License v2.1
1.08k stars 519 forks source link

error when using windows/x64/exec payload #70

Open johnsmith765765 opened 6 years ago

johnsmith765765 commented 6 years ago

i used this module with payload for bind_shell and it worked correctly and got me a shell, so my configurations are ok. but when i set windows/x64/exec for payload, and run the module, it gives me this error:

`msf exploit(eternalblue_doublepulsar) > run

[*] 10.10.1.13:445 - Generating Eternalblue XML data
[*] 10.10.1.13:445 - Generating Doublepulsar XML data
[*] 10.10.1.13:445 - Generating payload DLL for Doublepulsar
[-] 10.10.1.13:445 - Exploit failed: Msf::OptionValidateError The following options failed to validate: CMD.
[*] Exploit completed, but no session was created.
`

and these are my options:

`msf exploit(eternalblue_doublepulsar) > options 

Module options (exploit/windows/smb/eternalblue_doublepulsar):
   Name                Current Setting                                 Required  Description
   ----                ---------------                                 --------  -----------
   DOUBLEPULSARPATH    /tmp/Eternalblue-Doublepulsar-Metasploit/deps/  yes       Path directory of Doublepulsar
   ETERNALBLUEPATH     /tmp/Eternalblue-Doublepulsar-Metasploit/deps/  yes       Path directory of Eternalblue
   PROCESSINJECT       lsass.exe                                       yes       Name of process to inject into (Change to lsass.exe for x64)
   RHOST               10.10.1.13                                      yes       The target address
   RPORT               445                                             yes       The SMB service port (TCP)
   TARGETARCHITECTURE  x64                                             yes       Target Architecture (Accepted: x86, x64)
   WINEPATH            /home/user/.wine/drive_c/                     yes       WINE drive_c path

Payload options (windows/x64/exec):
   Name      Current Setting  Required  Description
- - - - - - - - - - - -  - - - - - - -  - - - 
   CMD       calc.exe         yes       The command string to execute
   EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)

Exploit target:
   Id  Name
 - - -
   8   Windows 7 (all services pack) (x86) (x64)

` my target is windows 7 x64 and as i said before , i tested this exploit with bind_tcp shell and it worked correctly.

francoataffarel commented 3 years ago

did u fix ?