During an internal penetration test you identify a Windows 10 workstation with TCP port 445 open. Enumeration shows it is unpatched for MS17-010 and not running any host-based firewall. You want to gain interactive SYSTEM-level access in a single step using the Metasploit Framework. Which module and payload pairing is the most appropriate?
exploit/windows/smb/psexec with windows/meterpreter/reverse_tcp
exploit/windows/smb/ms17_010_eternalblue with windows/x64/meterpreter/reverse_tcp
exploit/windows/smb/smb_signing with windows/shell/reverse_tcp
auxiliary/scanner/smb/smb_version with windows/meterpreter/bind_tcp
The Metasploit module exploit/windows/smb/ms17_010_eternalblue leverages the EternalBlue vulnerability (MS17-010) to execute code remotely with SYSTEM privileges on unpatched Windows systems. When coupled with the windows/x64/meterpreter/reverse_tcp payload, it directly delivers a Meterpreter session in one step, providing full interactive control.
The psexec module requires valid credentials or hashes, which are not yet available in this scenario. The smb_signing module only tests for SMB signing and cannot provide shell access. The smb_version auxiliary module is limited to enumeration and cannot carry a payload. Therefore, the EternalBlue exploit with a reverse Meterpreter payload is the correct choice for immediate privileged access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the EternalBlue vulnerability (MS17-010)?
Open an interactive chat with Bash
What does 'SYSTEM-level access' mean in this context?
Open an interactive chat with Bash
How does the Metasploit Framework use payloads like windows/x64/meterpreter/reverse_tcp?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
System Hacking Phases and Attack Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .