[POC] Batch detection tool for the Microsoft RDP (port 3389) remote vulnerability CVE-2019-0708

0x001 Detection on Windows

https://github.com/robertdavidgraham/rdpscan

C:\Users\K8team\Desktop\rdpscan-master\vs10\Release 的目錄

2019/06/02  02:11    <DIR>          .
2019/06/02  02:11    <DIR>          ..
2019/06/02  01:55         2,582,016 libcrypto-1_1.dll
2019/06/02  01:57           619,520 libssl-1_1.dll
2019/06/02  02:04           172,032 rdpscan.exe
               3 個文件      3,373,568 字節
               2 個目錄  2,462,433,280 可用字節

C:\Users\K8team\Desktop\rdpscan-master\vs10\Release>rdpscan 192.168.1.101-192.168.1.105
192.168.1.101 - VULNERABLE - CVE-2019-0708
192.168.1.102 - VULNERABLE - CVE-2019-0708

C:\Users\K8team\Desktop\rdpscan-master\vs10\Release>rdpscan 192.168.1.101-192.168.1.105
192.168.1.102 - SAFE - CredSSP/NLA required
192.168.1.101 - VULNERABLE - CVE-2019-0708
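
The two runs above report different results for 192.168.1.102. The following is an added example, not part of the original post or of the rdpscan project: it merges rdpscan result lines from several runs into a per-host remediation view. The line format is taken from the output above; the function names and result keys are my own.

```python
import ipaddress
import re
from collections import defaultdict

# Result line format as shown in the output above: "<ip> - <STATUS> - <detail>"
LINE_RE = re.compile(r"^\s*(\S+)\s+-\s+([A-Z]+)\s+-\s+(.+?)\s*$")

# The two runs from this page, copied verbatim.
RUN_1 = "192.168.1.101 - VULNERABLE - CVE-2019-0708\n192.168.1.102 - VULNERABLE - CVE-2019-0708\n"
RUN_2 = "192.168.1.102 - SAFE - CredSSP/NLA required\n192.168.1.101 - VULNERABLE - CVE-2019-0708\n"

def parse_run(text):
    """Return {ip: (status, detail)} for one run; prompt and other lines are skipped."""
    results = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, status, detail = m.groups()
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # first field is not an IP address, so not a result line
        results[ip] = (status, detail)
    return results

def triage(runs):
    """Merge runs (oldest first) into a per-host remediation view."""
    history = defaultdict(list)
    for text in runs:
        for ip, result in parse_run(text).items():
            history[ip].append(result)
    by_ip = lambda ips: sorted(ips, key=ipaddress.ip_address)
    latest = {ip: h[-1] for ip, h in history.items()}
    return {
        # Latest run still reports the host as VULNERABLE.
        "patch_now": by_ip(ip for ip, (s, _) in latest.items() if s == "VULNERABLE"),
        # NLA stopped the check before it ran; patch level is unknown, verify it separately.
        "verify_patch": by_ip(ip for ip, (s, d) in latest.items() if s == "SAFE" and "NLA" in d),
        # Status differed between runs: keep the sequence for the change log.
        "changed": {ip: [s for s, _ in h] for ip, h in history.items()
                    if len({s for s, _ in h}) > 1},
    }

if __name__ == "__main__":
    for key, value in triage([RUN_1, RUN_2]).items():
        print(key, value)
```

A host reported as `SAFE - CredSSP/NLA required` has only been shown to require authentication before the check can run, so it stays on the list of machines whose patch level must be confirmed.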

0x002 Detection on Linux

https://github.com/SugiB3o/Check-vuln-CVE-2019-0708

root@kali:~/Desktop# ./rdesktop 192.168.1.101:3389
ERROR: Failed to open keymap en-us
[+] Registering MS_T120 channel.
Failed to negotiate protocol, retrying with plain RDP.
[+] Sending MS_T120 check packet (size: 0x20 - offset: 0x8)
[+] Sending MS_T120 check packet (size: 0x10 - offset: 0x4)
[!] Target is VULNERABLE!!!

 

0x003 Batch detection with Cscan

Copy rdpscan.exe and the DLL files into the Cscan directory, then create a Cscan.ini file with the following contents:

[Cscan]
exe=rdpscan.exe
arg=$ip$

Batch scan:

Cscan.exe 192.168.1.101/24  (scans a single class C range; for multiple class C ranges or a class B range, see the Cscan documentation)

A GUI is available for local use (.NET 2.0 only; choose the Cscan build that matches the .NET version on your own or the target machine).

0x004 Binary downloads

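Compiling on Windows can be troublesome, so precompiled binaries are provided here.

They are: an exe built for Win7 x86, which of course also works on 64-bit systems,

and an executable for Kali 2019 x64; for other versions, compile it yourself.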

POC:  https://github.com/k8gege/CVE-2019-0708

Cscan: http://www.javashuo.com/article/p-xhgigpwl-kn.html
