Eternalblue-Doublepulsar-Metasploit icon indicating copy to clipboard operation
Eternalblue-Doublepulsar-Metasploit copied to clipboard

Published 20 hours ago verified publisher icon Telefonica

.

Open Pauli-Isosomppi opened this issue 7 years ago • 22 comments

Pauli-Isosomppi avatar Jun 09 '17 01:06 Pauli-Isosomppi

give me details of your target

UrielRicardo avatar Jun 16 '17 12:06 UrielRicardo

@UrielRicardo
I have same problem Target windows 7 64 bits image

LAzyFrAAnk avatar Jun 18 '17 07:06 LAzyFrAAnk

@LAzyFrAAnk Your architecture would not be 64 bits?

UrielRicardo avatar Jun 19 '17 11:06 UrielRicardo

@UrielRicardo 86 and 64 both tried, same this error

LAzyFrAAnk avatar Jun 19 '17 11:06 LAzyFrAAnk

@LAzyFrAAnk Make sure the target architecture is correct, then use the proper payload:

set payload windows/x64/meterpreter/reverse_tcp - for 64 bit set payload windows/meterpreter/reverse_tcp - for x86 DO NOT FORGET X64, IT'S NOT IN YOUR IMAGE

UrielRicardo avatar Jun 19 '17 11:06 UrielRicardo

I have the same issue with a windows 2008 x86. I have all setup fine, but not working kali-new-2017-06-19-14-33-10

manueld79 avatar Jun 19 '17 12:06 manueld79

try set processinject explorer.exe

fb11 avatar Jun 19 '17 14:06 fb11

@UrielRicardo still failure when I tried before.

Not sure something missing or not

image

LAzyFrAAnk avatar Jun 19 '17 15:06 LAzyFrAAnk

@carms642 it won't work after changed to explorer

LAzyFrAAnk avatar Jun 19 '17 15:06 LAzyFrAAnk

Same when I set processinjection to explorer.exe.

kali-new-2017-06-19-18-19-17

manueld79 avatar Jun 19 '17 16:06 manueld79

@manueld79 try lsass.exe

UrielRicardo avatar Jun 20 '17 23:06 UrielRicardo

Also does not work for me either, very frustrating. Testing on known vulnerable hosts.

barrett092 avatar Jun 27 '17 21:06 barrett092

same issue :\

elibr1212 avatar Jul 25 '17 18:07 elibr1212

same, someone help?

mkasjanowicz avatar Oct 04 '17 13:10 mkasjanowicz

i find this on a security website ,so maybe it help ""if you have patched your machines but not disabled SMBv1, the machine will be seen as at risk. So a false positive. Also remember to disable SMBv1 if you do not use it."" i have the same error and really tried everything so after i read this i think that the scanner find a vuln ip but its a false detection.

X0R1972 avatar Oct 10 '17 19:10 X0R1972

has actually anybody managed to get around this problem ?

Cr11pt0 avatar Nov 20 '17 20:11 Cr11pt0

If you are doing this under Vm, set net Adapter settings as Bridge Replicated of source and target system both. Have you checked if the target is really vulnerable to smb ? use auxiliary/scanner/smb/smb_ms17_010 set RHOSTS targetIp

BigSperm avatar Jan 06 '18 04:01 BigSperm

Yeah the same, still no solution.

ppdmartell avatar Feb 07 '18 12:02 ppdmartell

In my opinion that target has been patched or port for 445 has been closed. I'm already tested for patched target and un-patched target.

Very easy for un-patched target to gain the system, but for patched target ... its shown failed.

manztihagi avatar Apr 25 '18 02:04 manztihagi

Error getting output back from core aborting

Isa5710 avatar Jan 29 '19 12:01 Isa5710

if port 445 is closed use masscan for other open ports, then try another open port

masscan --ports 0-65535 if this doesnt work then its definatley patched and scanner giving FP

Joshua2point0 avatar May 10 '19 13:05 Joshua2point0

ANY ONE SOLVED IT ?

AoG22 avatar Aug 11 '20 21:08 AoG22