Exercise: Exploiting Eternal Blue Vulnerability on Windows 7 through Kali Linux in
VirtualBox

Before starting this exercise, make sure you have completed the previous exercise “Setting
up a Penetration Testing Lab with Kali Linux and Windows 7 in VirtualBox” to have a
Windows 7 machine ready for exploitation.

Pre-requisisite: Windows 7 – Service Pack 7601 Windows ISO needed

Step 1: Update and Upgrade your Kali Linux machine

● Open a terminal window in Kali Linux
● Run the command sudo apt-get update to update the package lists
● Run the command sudo apt-get upgrade to upgrade the installed packages

Step 2: Download the Eternal Blue exploit

● Open a terminal window in Kali Linux
● Run the command git clone https://github.com/EternalBlueExploit/EternalBlue to
download the exploit from Github
● Go to the EternalBlue directory by running the command cd EternalBlue

Step 3: Configure the exploit

● Run the command sudo nano eternalblue_exploit.py to open the exploit configuration
file in a text editor
● Replace the IP address “192.168.1.1” with the IP address of the Windows 7 machine
● Replace the IP address “192.168.1.2” with the IP address of the Kali Linux machine
● Save and exit the text editor

Step 4: Run the exploit

● Run the command python eternalblue_exploit.py to run the exploit
● Wait for the exploit to successfully connect to the Windows 7 machine

Step 5: Verifying the exploit

● Run the command netstat -antp on Windows 7 machine, it should show a connection
to the Kali Linux machine on port 445.
● Now you can use the Metasploit Framework to further exploit the Windows 7
machine

Step 6: Clean up

● Close the connection by using the command sudo killall python in the Kali Linux
machine.
● Remove the Eternal Blue exploit by running the command sudo rm -r EternalBlue in
the Kali Linux machine.
● Remember to revert any changes made to the Windows 7 machine and reset the
machine to its original state before starting the exercise.

Note:
● This exercise is for educational and ethical hacking practice in a controlled lab
environment. Attempting to exploit vulnerabilities without permission is illegal and can
cause serious harm.
● The Eternal Blue exploit is a known vulnerability and has been patched by Microsoft,
make sure to use a more recent version of Windows.
● Use the most updated version of the exploit script as the exploit may have been
patched by the time you are attempting this exercise.
● Keep in mind that the EternalBlue exploit was used in the WannaCry ransomware
attack in 2017, which affected tens of thousands of computers worldwide.

Reference links:
● Eternal Blue exploit on Github: https://github.com/EternalBlueExploit/EternalBlue
● Microsoft Security Update for Eternal Blue: https://portal.msrc.microsoft.com/en-
us/security-guidance/advisory/CVE-2017-0143
● Metasploit Framework: https://www.metasploit.com/

Open chat
Hello 👋.
Tell me, how can I help you?