Leoid / CVE-2019-0708

Only Hitting PoC [Tested on Windows Server 2008 R2]

CVE-2019-0708

The Crashing Part [BSOD] has been removed intentionally!

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system's Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

References:

Usage

usage: python3 poc.py -f ips.txt

Contribution, Credits & License

Ways to contribute

Licensed under the GNU GPLv3, see LICENSE for more information.