Coder Social home page Coder Social logo

k8gege / cve-2019-0708 Goto Github PK

View Code? Open in Web Editor NEW
386.0 16.0 194.0 2.33 MB

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Python 100.00%
cve-2019-0708 poc exp exploit security hacking pentest 3389 rdp k8cscan

cve-2019-0708's Introduction

微软3389远程漏洞CVE-2019-0708批量检测工具

0x001 Win下检测

https://github.com/robertdavidgraham/rdpscan

C:\Users\K8team\Desktop\rdpscan-master\vs10\Release 的目录


2019/06/02  02:11    <DIR>          .
2019/06/02  02:11    <DIR>          ..
2019/06/02  01:55         2,582,016 libcrypto-1_1.dll
2019/06/02  01:57           619,520 libssl-1_1.dll
2019/06/02  02:04           172,032 rdpscan.exe
3 个文件      3,373,568 字节
2 个目录  2,462,433,280 可用字节


C:\Users\K8team\Desktop\rdpscan-master\vs10\Release>rdpscan 192.168.1.101-192.168.1.105
192.168.1.101 - VULNERABLE - CVE-2019-0708
192.168.1.102 - VULNERABLE - CVE-2019-0708


C:\Users\K8team\Desktop\rdpscan-master\vs10\Release>rdpscan 192.168.1.101-192.168.1.105
192.168.1.102 - SAFE - CredSSP/NLA required
192.168.1.101 - VULNERABLE - CVE-2019-0708

0x002 Linux下检测

https://github.com/SugiB3o/Check-vuln-CVE-2019-0708

root@kali:~/Desktop# ./rdesktop 192.168.1.101:3389
ERROR: Failed to open keymap en-us
[+] Registering MS_T120 channel.
Failed to negotiate protocol, retrying with plain RDP.
[+] Sending MS_T120 check packet (size: 0x20 - offset: 0x8)
[+] Sending MS_T120 check packet (size: 0x10 - offset: 0x4)
[!] Target is VULNERABLE!!!

 

0x003 Cscan批量检测

将rdpscan.exe以及dll文件拷贝至Cscan目录,新建Cscan.ini文件,内容如下

[Cscan]
exe=rdpscan.exe
arg=$ip$

 批量扫描

Cscan.exe 192.168.1.101/24  (扫单个C段,多个C段或B段请参考Cscan说明)

本地可使用GUI(仅.net 2.0,请根据自身或目标电脑.net版本选择Cscan版本)

0x004 Bin下载

Win下编译可能比较麻烦这里提供编译好的成品

分别是Win7 x86的exe,当然64系统下也可以用

Kali 2019 x64的可执行文件,其它版本自行编译

POC:  https://github.com/k8gege/CVE-2019-0708

Cscan: https://www.cnblogs.com/k8gege/p/10519321.html

cve-2019-0708's People

Contributors

k8gege avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

foolzzz hotdog777714 whojeff doge-dog beyondcy crown-prince cybervstudio hkcolown ashr 20100507 lengyun123456 eastsunwong safebaseline t-pod 41578946 hkguge th-watch3r flatl1neapt jaycee007 douglas88 66ai crackercat losiry wecool yemoli djhuahao huangyuan666 xinbs gg00 daboquan ml233 kong-f mygod0rz funnyjobs mandarenmanman uuuunotfound dalaolala aydgelee rekkatz aklmtst w7374520 akpotter antonio200405 b0han711 cdpidan xlong kaisaryousuf wsfengfan test123test111 tobey123 hkylin vf3ng ncivnp ecrist subinacls infernalheaven aygkhn josephcespinosa blueicesir shelld0n himitu23 openkava diggold bluenoob akustolin pentestbr lx277856602 spam-and-abuse nm17 mehmet-tr binaryflesh wj158 girrj zulou dipsec vectornetworkteam 126g xibeichina luzhlon helloexp kk98kk0 rubyistctrldyt z3r023 bb33bb piaolin nu11point h121h tailoredaccessteam yehias flngsecurity greatspider135 shellb0y magicmoongithub dzamine jiangliujun verylove bmlovepanda gayhub-blackerie trietptm-on-coding-algorithms tinsyner

cve-2019-0708's Issues

WTF? K8哥你写POC像CXK

如题
mshta vbscript:msgbox("you play basketball like caixukun!",64,"K8gege:")(window.close)

有毒

看了下代码!

为什么~~~~
套接字发送失败要自行一个本地的shell ?
虽然我不知道 except 执行的是什么样的 本地shell,于是我改成了 systeminfo ,测试了下,靶机似乎~~~~~~
什么都没发生!

shellcode content

read the code, you can see whill run this code in you computer:
mshta vbscript:msgbox("you play basketball like caixukun!",64,"K8gege:")(window.close)

so。
什么鬼,狗日的为啥这么多人关注。。。。

cxk

律师函警告

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.