New Research revealed that NSA Cyber Weapon DoublePulsar can able to exploit the Windows Embedded system that affected by the MS17-010 vulnerability.
In this case, researcher tested this DoublePulsar exploit on Embedded Windows device and it revealed that authors of the DoublePulsar exploit don’t add support to the embedded devices, they have written the exploit only for Windows OS.
So Exploit only work against vulnerable windows OS and it doesn’t support against Windows Embedded operating system and it just throws the error as “target OS is not supported”.
Vulnerability Checking on Target
So researcher decided to check the target to confirm whether it is vulnerable or not. so he used SMBTouch and got the result that the target is vulnerable to EternalBlue.
So the backdoor is was successfully installed on the target and confirmed that the authors of the MSF exploit modules just forgot to add the support for Windows Embedded version.
Gain a Shell Access using DoublePulsar
Before injecting the Doublepulsar exploit into target embedded system, researchers create a DLL to the target host.
But throw the error “[-] ERROR unrecognized OS string” since all the windows embedded devices are not supported.
To find out a solution, he decided to go deep with the error using IDA Tool graphical view.
According to researcher,As seen from the graphical view, if the target machine is running Windows 7, it will take the left path, then proceed to detect whether its architecture is x86 or x64. If the target is not Windows 7, it will take the right path and do the other OS checks. Since there’s no check for Windows Embedded, the program ended up outputting the error message
[-] ERROR unrecognized OS string.
In this case, he found the Error due to no check for Windows Embedded devices when the exploit starts against the target.
Finally, the modified version of DoublePulsar exploit has been successfully injected to the target host and gain the system shell.