antipatternSo I hadn't realized just how plug and play #fuzzbunch was. There are obviously large parts of it that are missing/don't work out of the box (Or I'm an idiot who doesn't know what they're doing), but even metasploit doesn't have step by step prompts for pwnage. Tested the dll injection on eternalblue and it looks like it takes arbitrary payloads just fine - meterpreter shell has no issues. Yikes.
zacharykeeton@antipattern cool. Looking forward to playing with those soon
@zacharykeeton I would get a fresh windows 32 bit (on a vm, on a burner to avoid spooktastic paranoia), install python 2.6 + pywin and start poking around. Despite early reports(now largely corrected), I have old builds of win10 to try eternalblue with and haven't seen any success, although all the others seem to be vulnerable. I suspect this has more to do with the framework/specific script than the underlying exploit, but my understanding is still fairly naive.
@antipattern that's what I've heard too: no-go vs win 10. Still makes for a fun weekend though. I'd still like to give it a shot against 32bit windows 10 (still can't believe it's real, but...). Anyhow... I'm looking forward to playing.