Exploiting The Eternal Blue Vulnerability (CVE-2017-0144) For SMB

Overview of ‘R’ Us organization

This project examines exploitation of the vulnerability CVE-2017-0144, which is known as Eternal Blue. ‘R’ Us is a small company that earns its profits from hosting files for clients, with 30 employees. It offers hosting solutions across all the file transfer protocols, such as WebDAV, SCP, FTP, SMB and HTTP. The hosting solutions allow any customer to upload files and any internet user to download files using the other available file transfer protocols. Recently, the organization employed an undergraduate whose responsibilities include managing customer service and the file servers, covering the file transfers and their configuration. The organization uses standard file transfer protocols such as SMB, and users are forced to use RDP. RDP is used to speed up the DMZ process. The user also notes the organization's vulnerability patch management process. This project looks at how SMB is targeted by the Eternal Blue exploit. It addresses the CVE-2017-0144 vulnerability and performing the Eternal Blue exploit. It also covers the risk matrix and provides a proof of concept against the File ‘R’ Us machines. Finally, it gives the immediate remediation actions and the prevention measures that can reduce or eliminate future events.

The critical issue in CVE-2017-0144 is that the vulnerability in SMB can be exploited to spread over a LAN. It has impacted various institutions, including hospitals, and caused disruption of the services they provide. Attackers spread malware on a massive scale by exploiting the CVE-2017-0144 vulnerability in SMB. To reduce these issues, use ESET security solutions with an up-to-date version of the detection engine, because it is able to detect and stop this malware. It protects against remote exploitation of the vulnerability at the network level using the network protection module. CVE-2017-0144 is also a Windows SMB remote code execution vulnerability, which allows remote attackers to execute arbitrary code through crafted packets. Eternal Blue is described as an SMB remote Windows kernel pool corruption, in which a buffer overflow operation is used to perform the exploit. It can cause system instability and crashes such as a reboot or BSOD (Comer, 2015).

Open source software that provides Windows file sharing access to non-Windows machines using the CIFS and SMB protocols recently disclosed a remote code execution vulnerability similar to the one used by WannaCry, which allows users authorized access through the SMB protocol. An exploit leveraging CVE-2017-0144 is available for Metasploit: Metasploit includes an exploit and a scanner module for the Eternal Blue vulnerability. Current campaigns deliver crypto mining and target Raspberry Pis that have default credentials. They exploit the recent disclosure of CVE-2017-0144. Network devices with port 22 are infected, while attackers are aggressively scanning the internet looking for vulnerable devices with port 445 exposed (Peterson & Davie, 2012). The infection of many machines during the campaign was due to users neglecting to install security updates in a timely fashion. The unfortunate exploitation of the vulnerability CVE-2017-0144 was dubbed WannaCry. The exploits, framework and payload used in the campaign also empower cyber criminals. The best prevention against such attacks is generally maintenance and patching. This research focuses on risk analysis and security research for network and application-based vulnerabilities, and on denial-of-service attacks, including the analysis of botnets and malware. It helps Radware develop signatures and mitigate attacks proactively for an organization (“EternalBlue: Metasploit Module for MS17-010”, 2018).

Critical issues in CVE-2017-0144 vulnerability

Eternal Blue exploits a vulnerability in the Windows environment; it is a remote code execution vulnerability that takes place over SMB. Organizations that are behind on patch management will continue to be exposed to the risk of malware and other threats leveraging the Eternal Blue vulnerability (“Risk Assessment | Ready.gov”, 2018). The risk from Eternal Blue can be reduced using the steps below.

  1. Use supported operating systems

Ensure that all the operating systems being run by the organization are receiving ongoing security patches from the vendor.

  2. Host-based firewalls

Consider applying firewall rules at the Windows host level to prevent unnecessary system-to-system communication.

  3. Properly manage backups

Backups should not be stored within a network that might be susceptible to infection by a worm (White, 2018).

  4. Patch management

A patch program ensures that all Windows systems are receiving security patches. It is used to fix the Eternal Blue vulnerability.

  5. Network segmentation

Network segmentation applies routing and firewall rules that create security zones in the user's network.
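The segmentation, host firewall and backup steps above can be checked against a rule set. The following is an added example, not part of the original essay: it evaluates a first-match policy and reports every zone pair where SMB (tcp/139, tcp/445) is still reachable. The zone names and rules are constructed for illustration.

```python
from dataclasses import dataclass

SMB_PORTS = {139, 445}  # NetBIOS session service and SMB over TCP

@dataclass(frozen=True)
class Rule:
    src: str      # source zone, "any" matches all zones
    dst: str      # destination zone, "any" matches all zones
    ports: range  # destination TCP ports covered by the rule
    action: str   # "allow" or "deny"

def decide(rules, src, dst, port, default="deny"):
    """First-match evaluation; unmatched traffic gets the default action."""
    for r in rules:
        if r.src in (src, "any") and r.dst in (dst, "any") and port in r.ports:
            return r.action
    return default

def smb_exposure(rules, zones, permitted=frozenset()):
    """Return (src, dst, port) flows where SMB crosses a zone boundary
    and the zone pair is not in the explicitly permitted set."""
    findings = []
    for src in zones:
        for dst in zones:
            if src == dst or (src, dst) in permitted:
                continue
            for port in sorted(SMB_PORTS):
                if decide(rules, src, dst, port) == "allow":
                    findings.append((src, dst, port))
    return findings

# Constructed sample policy: zone names and rules are illustrative only.
ZONES = ["internet", "dmz", "office", "backup"]
RULES = [
    Rule("internet", "dmz", range(443, 444), "allow"),   # HTTPS hosting
    Rule("internet", "dmz", range(445, 446), "allow"),   # SMB open to the internet
    Rule("office", "backup", range(1, 65536), "allow"),  # overly broad rule
    Rule("dmz", "office", range(445, 446), "deny"),
    Rule("office", "dmz", range(445, 446), "allow"),     # admin file access
]

if __name__ == "__main__":
    for src, dst, port in smb_exposure(RULES, ZONES, {("office", "dmz")}):
        print(f"SMB reachable: {src} -> {dst} tcp/{port}")
```

Each finding is a path a worm could use to cross zones, including the path into the backup zone.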

Running the Eternal Blue proof of concept in an uncontrolled environment and without prior authorization may be illegal (“10 Major Security Threats in Cloud Computing | TCS Cyber Security Community”, 2018). Several leaks contained hacking tools, and the affected products included firewall, Microsoft and antivirus products. There were five leaks:

  • Equation Group cyber weapons Auction
  • Trick or Treat
  • Black Friday and cyber Monday sale
  • Don’t forget your base
  • Lost in Translation

These contain exploits targeting Microsoft Windows. Most of the vulnerabilities found are related in that they are used to attack Windows. The leaks concern network infrastructure and focus on Windows systems. The vulnerabilities point to the Server Message Block service and the NetBIOS protocol. SMB is a protocol that allows applications to read and write files and to request services from server programs on a Microsoft network. Generally, these vulnerabilities had a big impact: they were exploited massively and were then patched (“How To Delete SMB: CVE-2017-0144 Virus Completely From Windows PC? – PC Malware Security”, 2018).

Immediate remediation actions are needed because the Eternal Blue vulnerability is used by a ransomware variant that targets unpatched Windows operating systems, and infected users experience file encryption (“Vulnerability CVE-2017-0144 in SMB exploited by WannaCryptor ransomware to spread over LAN”, 2018). Ensure that systems are patched and up to date. Generally, Eternal Blue needs immediate action once a system has been infected. The immediate actions are listed below (“SMB Vulnerabilities – WannaCry, Adylkuzz and SambaCry”, 2018).

  • Threat Intelligence
  • Communicate
  • Patch or Inoculate OS
  • Incident Response
  • Communicate
  • Locate backups and restore the data
  • Take a proactive approach to identifying the vulnerability
  • Consider disabling unused legacy protocols
  • Formalize the incident response procedures

Prevention measures against the vulnerability

Eternal Blue carries a horrific trojan virus that must be removed immediately from Windows systems. It can perform several malicious activities on the victimized computer remotely. The threat creates several critical issues on the Windows system, including data loss, application malfunction, very slow system performance, hard drive issues and more. To prevent exploitation of the vulnerability, use critical system protection to restrict software installation and executable modification, which protects Windows-based systems (“Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability | Symantec”, 2018). It uses Windows prevention policy strategies including whitelisting, hardening and basic. These prevent attacks on Windows-based systems. Encrypting ransomware may spread laterally from a compromised system.
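Lateral spread over SMB shows up in flow logs as one host contacting many peers on tcp/445 in a short time. The following added example (not part of the original essay) detects that pattern with a sliding window; the log format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def constructed_sample():
    """Constructed flow records: 'timestamp src dst dst_port action'."""
    t0 = datetime(2018, 4, 16, 9, 0, 0)
    lines = []
    for i in range(15):   # one host sweeping 15 peers on tcp/445 in 30 s
        ts = (t0 + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{ts} 10.0.5.77 10.0.5.{i + 1} 445 DENY")
    for i in range(12):   # slow admin activity: 12 peers over about 2 hours
        ts = (t0 + timedelta(minutes=10 * i)).isoformat()
        lines.append(f"{ts} 10.0.5.30 10.0.6.{i + 1} 445 ALLOW")
    for i in range(20):   # normal client talking to a single file server
        ts = (t0 + timedelta(seconds=3 * i)).isoformat()
        lines.append(f"{ts} 10.0.5.20 10.0.5.10 445 ALLOW")
    lines.append("garbage line")                                     # malformed
    lines.append(f"{t0.isoformat()} 10.0.5.20 10.0.5.10 443 ALLOW")  # not SMB
    return lines

def smb_fanout(lines, window=timedelta(seconds=60), threshold=10):
    """Return {src: most distinct tcp/445 destinations inside any window}
    for sources that reach the threshold. Denied attempts count as well,
    since a blocked sweep is still a sign of an infected host."""
    events = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 5 or parts[3] != "445":
            continue  # skip malformed lines and non-SMB traffic
        try:
            when = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # skip records with an unparseable timestamp
        events[parts[1]].append((when, parts[2]))
    alerts = {}
    for src, evs in events.items():
        evs.sort()
        start, best = 0, 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # drop events that fell out of the window
            best = max(best, len({dst for _, dst in evs[start:end + 1]}))
        if best >= threshold:
            alerts[src] = best
    return alerts

if __name__ == "__main__":
    for src, count in smb_fanout(constructed_sample()).items():
        print(f"possible SMB worm activity: {src} reached {count} hosts on tcp/445")
```

The slow source and the single-server client stay below the threshold, so only the sweeping host is reported.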


The ‘R’ Us organization is used here to examine exploitation of the vulnerability CVE-2017-0144, also known as Eternal Blue. ‘R’ Us is a small company that earns its profits from hosting files. It offers hosting solutions across all the file transfer protocols, such as WebDAV, SCP, FTP, SMB and HTTP. The hosting solutions allow any customer to upload files and any internet user to download files using the other available file transfer protocols. This project analyzes SMB in order to perform the Eternal Blue exploit. SMB is a transport protocol used by Windows machines for various purposes such as printer sharing, file sharing and access to remote Windows services. The Shadow Brokers released an SMB vulnerability named Eternal Blue. Attackers take advantage of this vulnerability to compromise Windows machines, propagate, and load malware onto other machines in a network. The project also discussed and analyzed the critical issues with Eternal Blue, as well as the proof of concept, immediate actions and risk assessment based on Eternal Blue.


10 Major Security Threats in Cloud Computing | TCS Cyber Security Community. (2018). Securitycommunity.tcs.com. Retrieved 16 April 2018, from https://securitycommunity.tcs.com/infosecsoapbox/articles/2017/02/14/10-major-security-threats-cloud-computing

Comer, D. (2015). Computer networks and internets. Harlow, England: Pearson Education.

EternalBlue: Metasploit Module for MS17-010. (2018). Rapid7 Blog. Retrieved 18 April 2018, from https://blog.rapid7.com/2017/05/19/metasploit-the-power-of-the-community-and-eternalblue/

How To Delete SMB: CVE-2017-0144 Virus Completely From Windows PC? – PC Malware Security. (2018). PC Malware Security. Retrieved 18 April 2018, from https://www.pcmalwaresecurity.com/trojan/delete-smb-cve-2017-0144-virus-completely-windows-pc/

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability | Symantec. (2018). Symantec.com. Retrieved 18 April 2018, from https://www.symantec.com/security_response/vulnerability.jsp?bid=96704

Peterson, L., & Davie, B. (2012). Computer networks. Burlington: Morgan Kaufmann / Elsevier.

Risk Assessment | Ready.gov. (2018). Ready.gov. Retrieved 16 April 2018, from https://www.ready.gov/risk-assessment

SMB Vulnerabilities – WannaCry, Adylkuzz and SambaCry. (2018). Radware Blog. Retrieved 18 April 2018, from https://blog.radware.com/security/2017/06/smb-vulnerabilities-wannacry-adylkuzz-sambacry/

Vulnerability CVE-2017-0144 in SMB exploited by WannaCryptor ransomware to spread over LAN. (2018). Support.eset.com. Retrieved 18 April 2018, from https://support.eset.com/ca6443/?locale=en_US&viewlocale=en_US

White, C. (2018). Wannacry Ransomware & Mitigation Steps. risk3sixty LLC. Retrieved 18 April 2018, from https://www.risk3sixty.com/2017/05/13/alert-wannacry-ransomware
