rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Err:DOUBLEPULSAR not detected or disabled. What should I do ? #16427

Closed ZhiboWong closed 2 years ago

ZhiboWong commented 2 years ago

Summary

When I use smb_doublepulsar_rce, there is an error. Err: DOUBLEPULSAR not detected or disabled

Relevant information

[-] 10.100.130.124:445 - DOUBLEPULSAR not detected or disabled
[*] 10.100.130.124:445 - The target is not exploitable.

bcoles commented 2 years ago

Does the remote host have the DOUBLEPULSAR implant?

ZhiboWong commented 2 years ago

I think not. I have never implanted anything on rhosts. So what should I do first?

Pratham16112002 commented 2 years ago

Can you share the output after executing the check command in the console?

ZhiboWong commented 2 years ago

> Does the remote host have the DOUBLEPULSAR implant?

msf6 exploit(windows/smb/smb_doublepulsar_rce) > check

[*] 192.168.169.155:445 - Sending ping to DOUBLEPULSAR
[-] 192.168.169.155:445 - DOUBLEPULSAR not detected or disabled
[*] 192.168.169.155:445 - The target is not exploitable.

bcoles commented 2 years ago

The target does not have the DOUBLEPULSAR implant. The target is not exploitable.

ZhiboWong commented 2 years ago

> The target does not have the DOUBLEPULSAR implant. The target is not exploitable.

How can I implant DOUBLEPULSAR on rhost? Or which tool can I use to exploit rhost?

bcoles commented 2 years ago

> > The target does not have the DOUBLEPULSAR implant. The target is not exploitable.
>
> How can I implant DOUBLEPULSAR on rhost? Or which tool can I use to exploit rhost?

Is there a reason you want to use DOUBLEPULSAR specifically? Perhaps you're looking for ms17_010_eternalblue instead?

ZhiboWong commented 2 years ago

> > > The target does not have the DOUBLEPULSAR implant. The target is not exploitable.
> >
> > How can I implant DOUBLEPULSAR on rhost? Or which tool can I use to exploit rhost?
>
> Is there a reason you want to use DOUBLEPULSAR specifically? Perhaps you're looking for ms17_010_eternalblue instead?

The OS of Rhost, which is win 10 1607, is not in the ms17_010_eternalblue supported list.

  1. Why can't I use DOUBLEPULSAR to hack 1607?
  2. Which exp can I use to hack 1607?

bcoles commented 2 years ago

> The OS of Rhost, which is win 10 1607, is not in the ms17_010_eternalblue supported list.
>
>   1. Why can't I use DOUBLEPULSAR to hack 1607?

The double pulsar implant must be installed first. In order to install the implant you must first have access to the target.

>   2. Which exp can I use to hack 1607?

modules/exploits/windows/smb/psexec.rb if you have credentials. There are also many local exploits and exploits for installed software.

ZhiboWong commented 2 years ago

> > The OS of Rhost, which is win 10 1607, is not in the ms17_010_eternalblue supported list.
> >
> >   1. Why can't I use DOUBLEPULSAR to hack 1607?
>
> The double pulsar implant must be installed first. In order to install the implant you must first have access to the target.
>
> >   2. Which exp can I use to hack 1607?
>
> modules/exploits/windows/smb/psexec.rb if you have credentials. There are also many local exploits and exploits for installed software.

If I do not know the credentials of Rhost, how can I get the password? Or is there any other exp I can use to hack 1607?

bcoles commented 2 years ago

> If I do not know the credentials of Rhost, how can I get the password?

You can brute force SMB credentials using the modules/auxiliary/scanner/smb/smb_login.rb module.

> Or is there any other exp I can use to hack 1607?

There are many other exploits for installed software which may support Windows 10 (1607).
