k8gege/CVE-2019-0708 k8gege/CVE-2019-0708

  • Stars
    star
    381
  • Rank 108,878 (Top 3 %)
  • Language
    Python
  • Created about 5 years ago
  • Updated almost 5 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
k8gege/CVE-2019-0708
github

k8gege

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

微软3389远程漏洞CVE-2019-0708批量检测工具

0x001 Win下检测

https://github.com/robertdavidgraham/rdpscan

C:\Users\K8team\Desktop\rdpscan-master\vs10\Release 的目录


2019/06/02  02:11    <DIR>          .
2019/06/02  02:11    <DIR>          ..
2019/06/02  01:55         2,582,016 libcrypto-1_1.dll
2019/06/02  01:57           619,520 libssl-1_1.dll
2019/06/02  02:04           172,032 rdpscan.exe
3 个文件      3,373,568 字节
2 个目录  2,462,433,280 可用字节


C:\Users\K8team\Desktop\rdpscan-master\vs10\Release>rdpscan 192.168.1.101-192.168.1.105
192.168.1.101 - VULNERABLE - CVE-2019-0708
192.168.1.102 - VULNERABLE - CVE-2019-0708


C:\Users\K8team\Desktop\rdpscan-master\vs10\Release>rdpscan 192.168.1.101-192.168.1.105
192.168.1.102 - SAFE - CredSSP/NLA required
192.168.1.101 - VULNERABLE - CVE-2019-0708

0x002 Linux下检测

https://github.com/SugiB3o/Check-vuln-CVE-2019-0708

root@kali:~/Desktop# ./rdesktop 192.168.1.101:3389
ERROR: Failed to open keymap en-us
[+] Registering MS_T120 channel.
Failed to negotiate protocol, retrying with plain RDP.
[+] Sending MS_T120 check packet (size: 0x20 - offset: 0x8)
[+] Sending MS_T120 check packet (size: 0x10 - offset: 0x4)
[!] Target is VULNERABLE!!!

 

0x003 Cscan批量检测

将rdpscan.exe以及dll文件拷贝至Cscan目录,新建Cscan.ini文件,内容如下

[Cscan]
exe=rdpscan.exe
arg=$ip$

 批量扫描

Cscan.exe 192.168.1.101/24  (扫单个C段,多个C段或B段请参考Cscan说明)

本地可使用GUI(仅.net 2.0,请根据自身或目标电脑.net版本选择Cscan版本)

0x004 Bin下载

Win下编译可能比较麻烦这里提供编译好的成品

分别是Win7 x86的exe,当然64系统下也可以用

Kali 2019 x64的可执行文件,其它版本自行编译

POC:  https://github.com/k8gege/CVE-2019-0708

Cscan: https://www.cnblogs.com/k8gege/p/10519321.html

More Repositories

1

K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
PowerShell
5,219
star
2

Ladon

Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 11.0内置234个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
PowerShell
4,075
star
3

LadonGo

LadonGO 4.5 Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Go
1,311
star
4

K8CScan

K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Python
1,050
star
5

Aggressor

Ladon 911 for Cobalt Strike & Cracked Download,Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
842
star
6

PasswordDic

2011-2019年Top100弱口令密码字典 Top1000密码字典 服务器SSH/VPS密码字典 后台管理密码字典 数据库密码字典 子域名字典
762
star
7

scrun

BypassAV ShellCode Loader (Cobaltstrike/Metasploit)
Python
176
star
8

PowerLadon

Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
PowerShell
154
star
9

CiscoExploit

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Python
127
star
10

K8PortScan

跨平台大型网络端口扫描器(支持批量A段/B段/C段/IP列表(TXT)/端口列表,Banner识别比S扫描器加强版更准)
Python
106
star
11

CVE-2019-0604

cve-2019-0604 SharePoint RCE exploit
Python
105
star
12

PortTran

PortTran (.NET端口转发工具,支持任意权限)
C#
88
star
13

ZimbraExploit

Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
Ruby
76
star
14

sshshell

sshshell/sshcmd/sshlogin/sshcrack(SSH交互式Shell/内网渗透专用非交互式Shell/SSH密码爆破)Windows & Linux
Python
61
star
15

CVE-2020-1472-EXP

Ladon Moudle CVE-2020-1472 Exploit 域控提权神器
Python
59
star
16

PPT

PPT教程
55
star
17

SolrExp

Apache Solr <=8.2.0 Velocity Template 0day Exploit
Python
46
star
18

PyLadon

Ladon Scanner For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability / exploit / detection / MS17010/SmbGhost/CVE-2020-0796/CVE-2018-2894
Python
46
star
19

MS17010EXP

Ladon Moudle MS17010 Exploit for PowerShell
PowerShell
45
star
20

KaliLadon

Ladon for Linux (Kali), Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password
38
star
21

PhpStudyDoor

PhpStudy 2016 & 2018 BackDoor Exploit
Python
37
star
22

ChatLadon

Ladon渗透机器人,说人话自动GetShell ChatGPT编写Ladon渗透工具插件视频教程
37
star
23

k8badusb

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit
C++
34
star
24

k8gege.github.io

K8博客 k8gege.org
HTML
33
star
25

WinrmCmd

WinrmCmd/WinrmShell ( Golang\PowerShell\Python)
Go
32
star
26

JbossExploit

MSF moudle jboss invoke deploy getshell Exploit & Jboss jmx-console getshell exploit
Ruby
23
star
27

k8blog

K8blog: A simple green theme for hexo (K8博客: 一款简洁清爽绿色Hexo主题)
CSS
22
star
28

CVE-2021-40444

21
star
29

CVE-2019-11043

Ladon POC Moudle CVE-2019-11043 (PHP-FPM + Ngnix)
Python
18
star
30

cve-2021-1675

16
star
31

iisput

IIS PUT WebDAV GetShell Exploit
Python
15
star
32

DotNetNukeEXPLOIT

MSF moudle DotNetNuke GetShell & execute exploit
Ruby
11
star
33

k8gege

4
star