Got some luck today(MS17-010)

read the news about US officially blame NK for WannaCry’s damage
so i was wondering if I can still find some machines that are vulnerable to MS17-010 in clients network
Just trying to see if I could got some luck for “old” exploit/vulnerability
I did found some machines are still not patched. and reported the problem to clients 🙂

using namap script to scan for possible/vulnerable targets

1. nmap -p445 --script smb-vuln-ms17-010 

2. nmap -p445 --script vuln 

found some possible target


Show option for MS17-010 in Metasploit

Successfully get remote shell