Subcategory: Changes & Installations: Getting Kali ready for OSCP

Introduction

MS17-010 is a vulnerability in Microsoft Windows that can allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

This vulnerability can be exploited by Metasploit. However, since OSCP doesn’t allow the usage of this tool, the exploit needs to be downloaded separately and sent manually.

These are instructions for Kali version 2020.1 and 2020.3.

Pre-requisites

Impacket for Python 2.

Steps

  • Download the exploit

git clone https://github.com/helviojunior/MS17-010.git

This directory should have the files send_and_execute.py and smbserver.py, so check for both.

  • Install Impacket for Python 2

This exploit runs on Python 2 and uses the Impacket module for Python 2 as well.

I had impacket installed for python 3, resulting in this error.

If you already have impacket for python 2 installed, you can check it with:


pip2 freeze

Similarly, check that the module six is also installed, as some dependencies of the send_and_execute script rely on it.
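
Both checks above (impacket and six in the Python 2 environment) can be done in one pass over the `pip2 freeze` listing. The following is an added example, not part of the original post; the function name `missing_py2_modules` is hypothetical and the sample listing is constructed.

```shell
# Report which required modules are absent from a `pip freeze` listing on stdin.
# Prints the missing names; returns 0 only when nothing is missing.
# On Kali: pip2 freeze | missing_py2_modules impacket six
missing_py2_modules() {
    freeze=$(cat)
    missing=""
    for want in "$@"; do
        found=no
        while IFS= read -r line; do
            # Freeze lines come as: name==1.2.3, name @ file:///..., or -e <url>#egg=name
            case "$line" in
                "-e "*"#egg="*) name=${line##*"#egg="}; name=${name%%&*} ;;
                *" @ "*)        name=${line%% @ *} ;;
                *)              name=${line%%==*} ;;
            esac
            # Package names compare case-insensitively, with _ and - equivalent
            n=$(printf '%s' "$name" | tr 'A-Z_' 'a-z-')
            w=$(printf '%s' "$want" | tr 'A-Z_' 'a-z-')
            if [ "$n" = "$w" ]; then found=yes; fi
        done <<EOF
$freeze
EOF
        [ "$found" = yes ] || missing="$missing $want"
    done
    printf '%s\n' "${missing# }"
    [ -z "$missing" ]
}

# Constructed sample listing (not from a real host): six present, impacket absent.
sample='asn1crypto==0.24.0
pyOpenSSL==19.0.0
six==1.12.0'
if out=$(printf '%s\n' "$sample" | missing_py2_modules impacket six); then
    echo "all required Python 2 modules present"
else
    echo "missing for Python 2: $out"
fi
```

If a name is reported missing while `pip3 freeze` lists it, the module is installed only for Python 3, which is the situation described above.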