ISPY: Exploiting EternalBlue And BlueKeep Vulnerabilities

Stella Sebastian
Posted by Stella Sebastian January 22, 2021

superior_hosting_service

ISPY
ISPY

ISPY: Exploiting EternalBlue And BlueKeep Vulnerabilities With Metasploit

ispy is a Eternalblue (MS17-010) and BlueKeep (CVE-2019-0708) scanner and exploiter with Metasploit Framework.

What is eternalblue:

EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency (NSA) according to testimony by former NSA employees. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. EternalBlue is the name given to a software vulnerability in Microsoft’s Windows operating system. The tech giant has called it EternalBlue MS17-010 and issued a security update for the flaw on March 14. The patch was issued before the WannaCry ransomware spread around the world and those who had updated early would have been protected. The vulnerability works by exploiting the Microsoft Server Message Block 1.0. The SMB is a network file sharing protocol and ‘allows applications on a computer to read and write to files and to request services’ that are on the same network. Microsoft says the security update it issued is Critical and following WannaCry it released a rare Windows XP patch after officially ending support for the software in 2014.

What is Bluekeep:

BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol, which allows for the possibility of remote code execution. Bluekeep or CVE-2019-0708 is an RCE exploit that effects the following versions of Windows systems: + Windows 2003 + Windows XP + Windows Vista + Windows 7 + Windows Server 2008 + Windows Server 2008 R2

How to install:

git clone https://github.com/Cyb0r9/ispy.git
cd ispy
chmod +x setup.sh
./setup.sh

For other Linux distros, open your terminal and enter these commands to install Metasploit Framework:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall
msfinstall

Then, enter these commands to install ispy:

git clone https://github.com/Cyb0r9/ispy
cd ispy
sudo bash setup.sh
sudo bash ispy

Tested On:

  • Parrot OS
  • Kali linux
ISPY Demo
ISPY Demo
ISPY Demo
ISPYDemo

Tutorial (How to use ispy)

Disclaimer:

Usage of ispy for attacking targets without prior mutual consent is illegal. ispy is for security testing purposes only.

Download
IoT-Implant-Toolkit

Tags: