验证漏洞:
在MSF目录下新建一个rdp_scanner.rb,复制以下代码并保存。
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Identify endpoints speaking the Remote Desktop Protocol (RDP)',
'Description' => %q(
This module attempts to connect to the specified Remote Desktop Protocol port
and determines if it speaks RDP.
The CredSSP and EarlyUser options are related to Network Level Authentication.
),
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>