by Hausec

How to set up Fuzzbunch (Shadowbroker’s Dump/NSA Tools)

WannaCry was the hot topic of several months and it stemmed from the fact the Shadowbrokers uncovered some of the NSA’s tools, of which the Fuzzbunch exploit framework was discovered which has the DOUBLEPULSAR and ETERNALBLUE modules builtin. Metasploit also has the ETERNALBLUE module now built in, but my success with it has varied, plus the added bonus of being able to upload your own, custom, payload is a big factor when considering AV and IPS.

What you’ll need:

The Shadowbroker’s dump of NSA toolshttps://github.com/misterch0c/shadowbroker

A copy of Windows XP

Python 2.6.6: https://www.python.org/ftp/python/2.6.6/python-2.6.6.msi

PyWin32https://sourceforge.net/projects/pywin32/files/pywin32/Build%20221/

Install Python first, then install Pywin32 after it. Nothing fancy with the settings, just install as normal. Next, download and extract the Shadowbroker’s dump file to the desktop.

fuzzbunch1

Next, you’ll need to create the “listeningposts” folder under the “windows” folder in the shadowbroker’s file, as shown below, to avoid the listeningposts error.

fuzzbunch2

Then navigate to the directory fb.py is in, as shown below, assuming you extracted the dump file to your desktop.

fuzzbunch3

Finally, run fb.py to get the Fuzzbunch framework running.

fuzzbunch4

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s