CVE-2019-0708 vulnerability reproduction (window server 2008 r2)
0x00 Vulnerability Overview
15 May 2019, a higher level of threat Windows operating system Remote Desktop Service Vulnerability (CVE-2019-0708), an attacker could remotely exploit this vulnerability without user verification by sending a special construction of malicious data to execute malicious code on the target system in order to gain full control of the machine. This vulnerability susceptible to worms, viruses and other malicious programs take advantage of extortion.
0x01 BASIC
The vulnerability exists in the Windows system Remote Desktop Services (Remote Desktop Services) (port 3389), the unauthenticated attacker can trigger the vulnerability by sending specially crafted packets may lead to a remote control system without user verification.
This means that the vulnerability can be exploited over a network worm way to exploit this vulnerability any malicious software that could spread from the infected computer to other computers vulnerable, an attacker who successfully exploited this vulnerability could execute on the target system arbitrary code.
0x02 vulnerability
1. Affected versions include:
Windows 7
WindowsServer 2008 R2
WindowsServer 2008
WindowsServer 2003
Windows XP
2. The affected versions are:
Windows 8
Windows 10
0x03 vulnerability fixes
1, disable Remote Desktop Services.
2. to install Microsoft patch
0x04 reproducible vulnerability
Environmental Vulnerability
Exploit
[https://github.com/n1xbyte/CVE-2019-0708/tree/b44a1ec077c56f0400cb2cb6faf40180b87459a6]
[into the crashpoc.py kali inside]
[Note: You can also use directly in kali [wget + URL] Download]
[python3 crashpoc. py 192.168.139.136 64]