MS17-010 Vulnerability - Detecting and uninstalling DoublePulsar implant

In this video we will identify computers affected by the MS17-010 vulnerability, which were compromised with the DoublePulsar implant. 
The detection task will be performed by using Countercept's DoublePulsar detection script, which can be downloaded from the following GitHub location:
The same script can also be used for uninstalling the DoublePulsar implant.

Check also my other posts on how to install the DoublePulsar module and on how to use the DoublePulsar exploit module.

Commands used in this video:
git clone
This command creates a local copy of the "doublepulsar-detection-script" Git repository.
python --ip <IP_Address>
This command will check if the target at <IP_Address> is compromised with the DoublePulsar implant.
python --ip <IP_Address> --uninstall --verbose
This command will uninstall the DoublePulsar implant from the target at <IP_Address>. 


  1. hi friend make more video and can you explain ms17-010 exploit for reverse_named_pipe pivot attack for metasploit framework to other to different network ip channel tel me yes are not i am waiting your response i think you can do this


Post a Comment

Popular Posts

MS17-010 Vulnerability - Using EternalBlue exploit module in Metasploit

Generating shellcode - using msfvenom to generate a binary payload

MS17-010 Vulnerability - Scanning using Metasploit on KALI Linux