Excalibur - An Eternalblue exploit payload based on Powershell - Haxf4rall

Excalibur – An Eternalblue exploit payload based on Powershell

November 19, 2017July 27, 2019 Comments Off

Excalibur is an Eternalblue exploit based “Powershell” for the Bashbunny project. It’s purpose is to reflect on how a “simple” USB drive can execute the 7 cyber kill chain.

When Excalibur gets connected to the machine, it will run the following:

Trys to bypass UAC, or just get administrative rights
Gets interface info (IP addresses) and build a network map inside a TXT file.
Scans port 445 for the known “MS10-17” (“EternalBlue”) vulnerability in every segment found.
Exploits every machine and drop a shell to a remote machine.

Follow the steps here to compile a shellcode: https://github.com/vivami/MS17-010

Copy payload.txt to the switch folder.
Copy the “eternablblue_exploit7.py” and compile it using Pyinstaller:

“pip install pyinstaller”
“pipinstaller –onefile eternablblue_exploit7.py”

Add your shellcode and the compiled exploiter into “a.zip” and copy it to the “loot” folder”.

a.zip needs to contain a compiled, standalone eternalblue exploiter from “vivami’s” repo and the shellcode.

Copy the powershell script to (p_v2.ps1) to the loot folder.

Download Excalibur

Related Articles

Forerunner - Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers

Forerunner – Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers

Enumy - Linux Post Exploitation Privilege Escalation Enumeration

Enumy – Linux Post Exploitation Privilege Escalation Enumeration

axiom: dynamic infrastructure toolkit for red teamers and bug bounty hunters

axiom: dynamic infrastructure toolkit for red teamers and bug bounty hunters