
Blue Screen Attack MS12-020

2024-10-27 10:48:01

Contents
  • 1. Blue screen attack MS12-020
    • Find the port on the active Win7 host that corresponds to the blue screen vulnerability
    • Nessus performs vulnerability scanning
    • Metasploit Exploit
      • msfconsole
      • Armitage

1. Blue screen attack MS12-020

The vulnerability targets the Remote Desktop Protocol (RDP) service on port 3389 on Windows 7, Windows XP, Windows Server 2008 and other systems.


Basic Configuration

  • Win7 IP: 192.168.137.129

  • Kali IP: 192.168.137.130

Enable Remote Desktop on Win7




Find the port on the active Win7 host that corresponds to the blue screen vulnerability


Scan the Win7 ports with nmap

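For the defender's side of this step, the following added example (not part of the original post) parses a scan saved in nmap's grepable format (`-oG`) and lists the hosts whose 3389/tcp is open, so they can be checked for the MS12-020 update or have RDP restricted. The scan text is a constructed sample, the host 192.168.137.131 is invented for contrast, and the function names are hypothetical.

```python
import re

RDP_PORT = 3389

# Constructed sample of `nmap -oG` (grepable) output. The first two addresses
# follow the lab setup above; 192.168.137.131 is invented for contrast.
SAMPLE_SCAN = """\
# Nmap scan initiated (constructed sample)
Host: 192.168.137.129 ()\tStatus: Up
Host: 192.168.137.129 ()\tPorts: 135/open/tcp//msrpc///, 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (997)
Host: 192.168.137.130 ()\tStatus: Up
Host: 192.168.137.130 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (999)
Host: 192.168.137.131 ()\tStatus: Up
Host: 192.168.137.131 ()\tPorts: 3389/filtered/tcp//ms-wbt-server///\tIgnored State: closed (999)
"""

def parse_ports(line):
    """Return (host, [(port, state, proto, service), ...]) for a 'Ports:' line, else None."""
    m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
    if not m:
        return None
    entries = []
    for item in m.group(2).split(","):
        fields = item.strip().split("/")  # port/state/protocol/owner/service/...
        if len(fields) < 5 or not fields[0].isdigit():
            continue  # skip malformed entries instead of guessing
        entries.append((int(fields[0]), fields[1], fields[2], fields[4]))
    return m.group(1), entries

def rdp_exposure(scan_text, port=RDP_PORT):
    """Map host -> reported state of the RDP port, for hosts where nmap listed it."""
    result = {}
    for line in scan_text.splitlines():
        parsed = parse_ports(line)
        if parsed is None:
            continue
        host, entries = parsed
        for p, state, proto, _service in entries:
            if p == port and proto == "tcp":
                result[host] = state
    return result

def needs_remediation(scan_text):
    """Hosts with RDP reachable: verify the patch, firewall the port, or disable RDP."""
    return sorted(h for h, s in rdp_exposure(scan_text).items() if s == "open")

if __name__ == "__main__":
    for host in needs_remediation(SAMPLE_SCAN):
        print(f"{host}: 3389/tcp open - confirm the MS12-020 update or restrict RDP")
```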

Nessus performs vulnerability scanning

/bin/systemctl start Blue Screen Vulnerability


Metasploit Exploit

msfconsole


Armitage

Armitage is a graphical interface for Metasploit. It is built on the Metasploit framework and carries out penetration testing or attacks by quickly generating and running attack modules. Using the modules Metasploit provides, it can scan target hosts, detect vulnerabilities, exploit them, escalate privileges and perform other attack operations. The user only needs to select the desired module in the Armitage graphical interface to generate an attack task against the target host, and can view the results in real time.

msfdb init


Scanning for active hosts

Select dos/windows/rdp/ms12_020_maxchannelids
