Share
## https://sploitus.com/exploit?id=59631227-5E25-586B-AB1E-B79CAE26815A
# MS17-010 (EternalBlue) Exploitation Lab
Hands-on penetration testing lab demonstrating the complete exploitation workflow of the MS17-010 (EternalBlue) vulnerability against Windows 7 using Kali Linux, Nmap, and Metasploit.

## Overview

This lab demonstrates the complete penetration testing workflow against a vulnerable Windows 7 SP1 virtual machine using Kali Linux and Metasploit Framework.

The assessment was performed in an isolated VMware Host-Only network for educational purposes.

---

## Lab Environment

### Attacker

- Kali Linux

### Target

- Windows 7 Professional SP1 x64

### Virtualization

- VMware Workstation

### Network

- Host-Only

---

## Objectives

- Verify network connectivity
- Enumerate exposed services
- Identify vulnerabilities
- Validate the MS17-010 vulnerability
- Exploit the target using Metasploit
- Obtain a Meterpreter session
- Perform basic post-exploitation enumeration

---

## Methodology

1. Reconnaissance
2. Service Enumeration
3. Vulnerability Identification
4. Exploitation
5. Post-Exploitation
6. Documentation

---

## Tools

- Nmap
- Metasploit Framework
- Meterpreter
- VMware Workstation

---

## Key Findings

| Finding | Result |
|----------|--------|
| Operating System | Windows 7 Professional SP1 x64 |
| SMB Service | TCP/445 |
| Vulnerability | MS17-010 (EternalBlue) |
| CVE | CVE-2017-0143 |
| Risk | High |
| Exploitation | Successful |
| Meterpreter Session | Established |
| Privilege Level | NT AUTHORITY\SYSTEM |

---

## Skills Demonstrated

- Network Discovery
- Service Enumeration
- SMB Enumeration
- Vulnerability Assessment
- Remote Code Execution
- Meterpreter Usage
- Post-Exploitation Enumeration
- Technical Documentation

---

## Disclaimer

This project was performed in a controlled laboratory environment using systems owned by the researcher. It is intended solely for educational and defensive cybersecurity purposes.