ISPY: Exploiting EternalBlue And BlueKeep Vulnerabilities With Metasploit

(78 views)

ispy is a Eternalblue (MS17-010) and BlueKeep (CVE-2019-0708) scanner and exploiter with Metasploit Framework.

What is eternalblue:

EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency (NSA) according to testimony by former NSA employees. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. EternalBlue is the name given to a software vulnerability in Microsoft's Windows operating system. The tech giant has called it EternalBlue MS17-010 and issued a security update for the flaw on March 14. The patch was issued before the WannaCry ransomware spread around the world and those who had updated early would have been protected. The vulnerability works by exploiting the Microsoft Server Message Block 1.0. The SMB is a network file sharing protocol and 'allows applications on a computer to read and write to files and to request services' that are on the same network. Microsoft says the security update it issued is Critical and following WannaCry it released a rare Windows XP patch after officially ending support for the software in 2014.

What is Bluekeep:

BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft's Remote Desktop Protocol, which allows for the possibility of remote code execution. Bluekeep or CVE-2019-0708 is an RCE exploit that effects the following versions of Windows systems: + Windows 2003 + Windows XP + Windows Vista + Windows 7 + Windows Server 2008 + Windows Server 2008 R2

How to install:

git clone https://github.com/Cyb0r9/ispy.git
cd ispy
chmod +x setup.sh
./setup.sh

For other Linux distros, open your terminal and enter these commands to install Metasploit Framework:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall
msfinstall

Then, enter these commands to install ispy:

git clone https://github.com/Cyb0r9/ispy
cd ispy
sudo bash setup.sh
sudo bash ispy

Tested On:

  • Parrot OS
  • Kali linux

Tutorial (How to use ispy)

Youtube Channel (Cyborg)

https://youtube.com/c/Cyborg_TN

Information:

Disclaimer:

Usage of ispy for attacking targets without prior mutual consent is illegal. ispy is for security testing purposes only.

October 11, 2019

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023