eternal_blue_powershell

Running from command line

Open GGGunrunner opened this issue 7 years ago • 3 comments

Has anyone succeeded running it from a command line? I renamed it to e.ps1 for my convenience.

C:>powershell -ExecutionPolicy ByPass
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:> .\e.ps1
PS C:>

And that's it...

GGGunrunner, Jul 16 '17 18:07

If you look at the code, it takes the following arguments:

function Invoke-EternalBlue($target, $initial_grooms,$max_attempts)

So you need to Import-Module and then invoke the function with proper arguments.

benichmt1, Jul 24 '17 18:07

There are no Readme instructions at all. How many people will scratch their heads trying to figure out what to do?

Let's write it together?

Readme.Howto.txt:

  1. Have Powershell Empire installed
  2. Download the script
  3. Put it... where? ~/Empire/data/module_source/exploitation ? code_execution/ ?
  4. ...

GGGunrunner, Jul 25 '17 22:07

If you can't figure it out, you can just use the dev branch of Empire, which has this script integrated.

See: https://github.com/EmpireProject/Empire/pull/575

e0x70i, Aug 12 '17 00:08