Shulou(Shulou.com)05/31 Report--

How to exploit the Intel AMT rights raising vulnerability CVE-2017-5689? in view of this problem, this article introduces the corresponding analysis and solution in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible method.

Tools: Open MDTK (ladder required) and UltraVNC

Attack plane: win7

Target machine: a South Korean Smecta server, found casually on shodan

Step: first find a vulnerable server and use the method in the previous article to log in to the default admin/admin account and delete the content in the response, and then send the package to add the administrator account.

MDTK needs to be installed, and there are many icons after installation. Run Manageability Automation Tool.

To add "managed device" in the right-click space, you need to enter the IP address and the complex password you just set.

After adding, right-click on the line you just added and select Manage Computer.

The software automatically starts the connection. When a directory appears on the left, the connection is successful.

The remote connection here is actually equivalent to KVM and can easily control the server.

The port redirection needs to be turned on here, otherwise the hosting button cannot be lit.

To enable vnc, you also need to set Remote Desktop here. Click Remote Desktop Settings to open Redirection Port (16993 Universe 16995).

Click Remote Desktop Viewer, and the Viewer Type here selects UltraVNC,Viewer Path to select the vncviewer.exe that just downloaded this machine.

After this setting, Launch Viewer can be clicked, just like 3389 under windows, and dare not log in, and domain? Smecta doesn't understand 2333.

Click on the hosting above to realize remote switch and enter BIOS automatically after boot.

This is the answer to the question on how to exploit the Intel AMT rights raising vulnerability CVE-2017-5689. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.