search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
33.8k stars 13.9k forks source link

Eternalblue not working on a vulnerable machine #19437

Open HardSec-OFC opened 2 weeks ago

HardSec-OFC commented 2 weeks ago

Steps to reproduce

How'd you do it?

  1. Use windows/smb/ms17_010_eternalblue
  2. Set RHOSTS to the target IP address.
  3. Set LHOST to my local IP address.
  4. Set LPORT to my desired port number.
  5. Execute the exploit command.

This section should also tell us any relevant information about the environment; for example, if an exploit that used to work is failing, tell us the victim operating system and service versions.

Environment:

Were you following a specific guide/tutorial or reading documentation?

No, I was using the Metasploit Framework documentation and common exploitation procedures.

Expected behavior

The ms17_010_eternalblue exploit should successfully execute and create a Meterpreter session with the target machine.

Current behavior

The exploit fails with a communication error:

![Captura de tela de 2024-09-02 13-57-01](https://github.com/user-attachments/assets/7056eca9-8e0a-4267-92e6-5ec53df4e106)

Metasploit version

Get this with the version command in msfconsole (or git log -1 --pretty=oneline for a source install).

Metasploit Version:

Framework: 6.4.25-dev-
Console  : 6.4.25-dev-

Additional Information

If your version is less than 5.0.96, please update to the latest version and ensure your issue is still present.

If the issue is encountered within msfconsole, please run the debug command using the instructions below. If the issue is encountered outside msfconsole, or the issue causes msfconsole to crash on startup, please delete this section.

  1. Start msfconsole
  2. Run the command set loglevel 3
  3. Take the steps necessary recreate your issue
  4. Run the debug command
  5. Copy all the output below the ===8<=== CUT AND PASTE EVERYTHING BELOW THIS LINE ===8<=== line and make sure to REMOVE ANY SENSITIVE INFORMATION.
  6. Replace these instructions and the paragraph above with the output from step 5. LOG: msf_eternalblue_log.txt
adfoster-r7 commented 1 week ago

The exploit does not always succeed; Sometimes the target needs to be reset between exploit attempts too. Did you try running it again?

HardSec-OFC commented 1 week ago

Yes, im try later minutes, but no working

Em seg., 9 de set. de 2024, 09:09, adfoster-r7 @.***> escreveu:

The exploit does not always succeed; Sometimes the target needs to be reset between exploit attempts too. Did you try running it again?

— Reply to this email directly, view it on GitHub https://github.com/rapid7/metasploit-framework/issues/19437#issuecomment-2337950864, or unsubscribe https://github.com/notifications/unsubscribe-auth/BK64JZAV6QUPSNE4QASECODZVWFYJAVCNFSM6AAAAABNQVDIUCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMZXHE2TAOBWGQ . You are receiving this because you authored the thread.Message ID: @.***>