Showing posts from 2019

BlueKeep Vulnerability - New Metasploit Exploit on Kali Linux

The much-awaited BlueKeep exploit for Metasploit-Framework was made publicly available by Rapid7 only 5 days ago, so I took the opportunity to give it a try in my test environment and make a video about it. For more information about the BlueKeep vulnerability and the BlueKeep scanner module for Metasploit, please check my previous post. Check this Rapid7 blog post for more information regarding the initial release.

The exploit released by Rapid7 is currently in an initial / development state and it is NOT available via the usual Kali Linux updates repository. In order to install the BlueKeep exploit, we will first perform a new Metasploit-Framework installation from the Rapid7 GitHub repository located at the following URL: https://github.com/rapid7/metasploit-framework

After that we will perform a pull request for the BlueKeep exploit. The following commands were used for the steps described above:

cd /opt
git clone https://github.com/rapid7/metasploit-framework.git

BlueKeep Vulnerability - Scanning using Metasploit on Kali Linux

BlueKeep is the nickname for CVE-2019-0708, the Remote Desktop Services Remote Code Execution Vulnerability. This vulnerability was disclosed by Microsoft in May 2019 and could potentially be as disruptive as the previous EternalBlue vulnerability. Like EternalBlue, the BlueKeep vulnerability could allow a remote attacker to completely take over a vulnerable Windows system by executing arbitrary code on the target system.

Check the following links for more information regarding the BlueKeep vulnerability: Microsoft Security Bulletin CVE-2019-0708, Wikipedia, ZDNET.

In this video we will use Kali Linux and the Metasploit BlueKeep scanner module to scan a vulnerable Windows 7 test workstation, then we will apply the patch provided by Microsoft and recheck. The following Metasploit commands were used:

search BlueKeep
This command lists the Metasploit modules containing the string "BlueKeep".

use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
This command s