Exploiting SMB Vulnerabilities with Metasploit

When to Use

• Testing Windows systems for critical SMB vulnerabilities (EternalBlue, EternalRomance, PrintNightmare) during authorized penetration tests
• Demonstrating lateral movement risks via SMB relay, pass-the-hash, and credential spraying
• Validating that patch management processes have addressed known SMB vulnerabilities
• Assessing SMB signing enforcement and share permission configurations across the domain
• Testing network segmentation by attempting SMB exploitation across VLAN boundaries

Do not use against systems without explicit written authorization, against production domain controllers without a maintenance window, or to deploy persistent backdoors beyond the scope of the assessment.

Prerequisites

• Metasploit Framework 6.x installed (msfconsole --version)
• Authorized penetration test scope document listing target IP ranges and approved attack types
• Network access to target SMB services (TCP 445, TCP 139)
• CrackMapExec and Impacket tools installed for complementary SMB testing
• Valid test credentials or credential wordlists approved for the engagement
• Kali Linux or equivalent testing platform