While recently using cve_2019_0708_bluekeep_rce.rb in msf6, I noticed that the target options were listed in different orders in "show options" versus "set target" commands. For me this meant that the target I thought I was setting was not the target assigned.
output from "set target" autocomplete:
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set target
set target 0 set target Automatic\ targeting\ via\ fingerprinting
set target 1 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64)
set target 2 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ AWS)
set target 3 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ Hyper-V)
set target 4 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ QEMU/KVM)
set target 5 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ VMWare\ 14)
set target 6 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ VMWare\ 15)
set target 7 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ VMWare\ 15.1)
set target 8 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ Virtualbox\ 6)
however, iterating thru "set target" then "show options" comes the inconsistency:
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set target 8
target => 8
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show options
...
Id Name
8 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - QEMU/KVM)
Summary
While recently using cve_2019_0708_bluekeep_rce.rb in msf6, I noticed that the target options were listed in different orders in "show options" versus "set target" commands. For me this meant that the target I thought I was setting was not the target assigned.
output from "set target" autocomplete:
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set target set target 0 set target Automatic\ targeting\ via\ fingerprinting set target 1 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64) set target 2 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ AWS) set target 3 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ Hyper-V) set target 4 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ QEMU/KVM) set target 5 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ VMWare\ 14) set target 6 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ VMWare\ 15) set target 7 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ VMWare\ 15.1) set target 8 set target Windows\ 7\ SP1\ /\ 2008\ R2\ (6.1.7601\ x64\ -\ Virtualbox\ 6)
however, iterating thru "set target" then "show options" comes the inconsistency:
msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set target 8 target => 8 msf6 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show options ...
Id Name 8 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - QEMU/KVM)
...and so on:
7 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - AWS) 6 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Hyper-V) 5 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare 15.1) 4 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare 15) 3 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare 14) 2 Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Virtualbox 6 1 Windows 7 SP1 / 2008 R2 (6.1.7601 x64)