This repository is created for educational and cybersecurity research purposes only.
It focuses on understanding the MS17-010 vulnerability (EternalBlue) affecting Windows 7 systems and how it can be identified, analyzed, and mitigated in a controlled lab environment.
MS17-010 is a critical vulnerability in the SMBv1 protocol that was exploited by malware such as WannaCry and NotPetya.
- Understand how MS17-010 works internally
- Practice vulnerability identification in Windows systems
- Learn defensive security concepts and patch management
- Use in ethical hacking labs, CTFs, and academic learning
⚠️ This repository is NOT intended for illegal use or attacks on real systems.
- A Microsoft security bulletin released in March 2017
- Targets a flaw in SMBv1
- Allows remote code execution
- Commonly known as EternalBlue
Affected systems include:
- Windows 7
- Windows Server 2008
- Older unpatched Windows versions
Use only in isolated lab setups such as:
- VirtualBox / VMware
- Windows 7 (unpatched)
- Kali Linux / Parrot OS (for analysis)
- Host-only or internal network
- SMB protocol basics
- Vulnerability scanning
- Patch analysis
- Exploit impact understanding
- Blue Team vs Red Team perspective
To protect against MS17-010:
- Apply Microsoft security patches
- Disable SMBv1
- Use firewalls to block SMB (Port 445)
- Monitor network traffic
- Maintain proper patch management
This project is strictly for educational and research purposes.
- ❌ Do NOT use against systems you do not own or have permission to test
- ❌ Do NOT use for malicious activities
- ✅ Use responsibly and ethically
The author is not responsible for any misuse of this repository.
- Microsoft Security Bulletin MS17-010
- CVE-2017-0144
- EternalBlue technical analysis papers
Sohan ND
Cybersecurity Learner | Ethical Hacking | Network Security
GitHub: https://github.com/sohannd
If you find this repository useful:
- Star ⭐ the repo
- Fork 🍴 for learning
- Share with cybersecurity learners