About a week ago Rapid7 announced on their blog (Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)), they are releasing an initial exploit module for CVE-2019-0708. The current module is targeting x64 win7 and win2008 R2.
msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show targets
Exploit targets:
Id Name
-- ----
0 Automatic targeting via fingerprinting
1 Windows 7 SP1 / 2008 R2 (6.1.7601 x64)
2 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Virtualbox)
3 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare)
4 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Hyper-V)I had setup a windows 7 pro version testing machine on my virtual box. Please refer to the following :
It works ! nice 🙂
