BlueKeep Vulnerability - New Metasploit Exploit on Kali Linux

The much awaited BlueKeep exploit for Metasploit-Framework was made publicly available by RAPID7 only 5 days ago, so I took the opportunity to give it a try in my test environment and make a video about it.

For more information about the BlueKeep vulnerability and the BlueKeep scanner module for Metasploit - please check my previous post.

Check this RAPID7 blog post for more information in regards to the initial release.

The exploit released by RAPID7 is currently in initial / development state and it is NOT available via the usual Kali Linux updates repository.
In order to install the BlueKeep exploit, we will perform first a new Metasploit-Framework installation from the RAPID7 Github repository located at the following URL: https://github.com/rapid7/metasploit-framework
After that we will perform a pull request for the BlueKeep exploit.
The following commands were used for the steps described above:
cd /opt
git clone https://github.com/rapid7/metasploit-framework.git
cd metasploit-framework
git fetch origin pull/12283/head:bluekeep
git checkout bluekeep
gem install bundler && bundle
The new Metasploit-Framework installation was launched by using the command below:
./msfconsole -q
... and the new BlueKeep exploit module was loaded with the following command:
use exploit/windows/rdp/cve_2019_0708_bluekeep_rce

The commands and options used to configure the BlueKeep exploit are similar to the ones used to configure the EternalBlue exploit modules that were presented before - please check my older EternalBlue posts if needed.

BlueKeep Vulnerability - 
New Metasploit Exploit on Kali Linux



Comments

  1. You are really really good

    ReplyDelete
  2. I generally want the quality substance, and this thing I found in your post. I'm truly thankful to you for this post.keep sharing this in future. Ethical Hacker For Hire

    ReplyDelete
  3. I'd like to express my gratitude for writing such a helpful article about how to hack gmail account on android. This article provided me with some useful knowledge. Thank you for sharing that. Keep up the good work.

    ReplyDelete
  4. I admire this article for the well-researched content and excellent wording. Trusted Hackers for Hire. I got so involved in this material that I couldn’t stop reading. I am impressed with your work and skill. Thank you so much.

    ReplyDelete
  5. I read your blog on daily basis. This is really great and informative post. Thanks for sharing. buy hats online

    ReplyDelete
  6. I appreciate your efforts which you have put into this article. Genuinely it is a useful article to increase our knowledge. Thanks for share an article like this.Ethical Hacker For Hire

    ReplyDelete
  7. The representation of this article is actually superb. I think this is a genuinely beneficial and instructive article for everyone, I appreciate this kind of writing, Thankful to you for sharing an article like this.Ethical Hacker For Hire in Usa

    ReplyDelete
  8. It is what I was searching for is really informative. Reliable IT Server Management Services in Houston It is a significant and useful article for us. Thankful to you for sharing an article like this.

    ReplyDelete
  9. I generally check this kind of article and I found your article which is related to my interest. Genuinely it is good and instructive information, Enfortra Inc Thankful to you for sharing an article like this.

    ReplyDelete

Post a Comment

Popular Posts

MS17-010 Vulnerability - Using EternalBlue exploit module in Metasploit

Generating shellcode - using msfvenom to generate a binary payload

MS17-010 Vulnerability - Scanning using Metasploit on KALI Linux