BlueKeep Vulnerability - Scanning using Metasploit on Kali Linux

BlueKeep is the nickname for the CVE-2019-0708 - Remote Desktop Services Remote Code Execution Vulnerability.
This vulnerability was disclosed by Microsoft in May 2019 and it could be potentially as disruptive as the previous EternalBlue vulnerability.
Same as EternalBlue, the BlueKeep vulnerability could allow a remote attacker to completely take over a vulnerable Windows system by executing arbitrary code on the target system.

Check the following links for more information in regards to the BlueKeep vulnerability:
Microsoft Security Bulletin CVE-2019-0708
Wikipedia
ZDNET

In this video we will use Kali Linux and the Metasploit BlueKeep scanner module to scan a test vulnerable Windows 7 workstation, then we will apply the patch provided by Microsoft and recheck.

The following Metasploit commands were used:
search BlueKeep 
This command lists the Metasploit modules containing the string "BlueKeep". 
use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
This command selects the BlueKeep scanner module.
show options
This command displays the options available for the selected module.
set RHOSTS <IP_Address or IP_Address_Range>
This command will set the target IP address (addresses) for the module.
run
This command will run the Metasploit module.

BlueKeep Vulnerability - 
Scanning using Metasploit on Kali Linux


Comments

  1. This is really nice post, I found and love this content. I will prefer this, thanks for sharing. windows pro original.

    ReplyDelete

Post a comment

Popular Posts

MS17-010 Vulnerability - Using EternalBlue exploit module in Metasploit

Generating shellcode - using msfvenom to generate a binary payload

MS17-010 Vulnerability - Scanning using Metasploit on KALI Linux