
ispy is a Eternalblue (MS17-010) and BlueKeep (CVE-2019-0708) scanner and exploiter with Metasploit Framework.
What is eternalblue:
EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency (NSA) according to testimony by former NSA employees. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. EternalBlue is the name given to a software vulnerability in Microsoft's Windows operating system. The tech giant has called it EternalBlue MS17-010 and issued a security update for the flaw on March 14. The patch was issued before the WannaCry ransomware spread around the world and those who had updated early would have been protected. The vulnerability works by exploiting the Microsoft Server Message Block 1.0. The SMB is a network file sharing protocol and 'allows applications on a computer to read and write to files and to request services' that are on the same network. Microsoft says the security update it issued is Critical and following WannaCry it released a rare Windows XP patch after officially ending support for the software in 2014.
What is Bluekeep:
BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft's Remote Desktop Protocol, which allows for the possibility of remote code execution. Bluekeep or CVE-2019-0708 is an RCE exploit that effects the following versions of Windows systems: + Windows 2003 + Windows XP + Windows Vista + Windows 7 + Windows Server 2008 + Windows Server 2008 R2
How to install:
git clone https://github.com/Cyb0r9/ispy.git cd ispy chmod +x setup.sh ./setup.sh
For other Linux distros, open your terminal and enter these commands to install Metasploit Framework:
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall chmod 755 msfinstall msfinstall
Then, enter these commands to install ispy:
git clone https://github.com/Cyb0r9/ispy cd ispy sudo bash setup.sh sudo bash ispy
Tested On:
- Parrot OS
- Kali linux
Tutorial (How to use ispy)
Youtube Channel (Cyborg)
https://youtube.com/c/Cyborg_TN
Information:
- GitHub profile : https://github.com/Cyb0r9
- YouTbue channel: https://youtube.com/c/Cyborg_TN
- Ask Fm (ask me): https://ask.fm/Cyborg_TN
- E-mail address : [email protected]
Disclaimer:
Usage of ispy for attacking targets without prior mutual consent is illegal. ispy is for security testing purposes only.
Author

- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky