Hack Tools Post Exploitation

Excalibur – An Eternalblue exploit payload based on Powershell

Excalibur is an Eternalblue exploit based “Powershell” for the Bashbunny project. It’s purpose is to reflect on how a “simple” USB drive can execute the 7 cyber kill chain.

When Excalibur gets connected to the machine, it will run the following:

  1. Trys to bypass UAC, or just get administrative rights
  2. Gets interface info (IP addresses) and build a network map inside a TXT file.
  3. Scans port 445 for the known “MS10-17” (“EternalBlue”) vulnerability in every segment found.
  4. Exploits every machine and drop a shell to a remote machine.

Follow the steps here to compile a shellcode: https://github.com/vivami/MS17-010

  1. Copy payload.txt to the switch folder.
  2. Copy the “eternablblue_exploit7.py” and compile it using Pyinstaller:
  • “pip install pyinstaller”
  • “pipinstaller –onefile eternablblue_exploit7.py”
  1. Add your shellcode and the compiled exploiter into “a.zip” and copy it to the “loot” folder”.
  • a.zip needs to contain a compiled, standalone eternalblue exploiter from “vivami’s” repo and the shellcode.
  1. Copy the powershell script to (p_v2.ps1) to the loot folder.

Download Excalibur