[[14-RDP (3389)]]

CVE-2019-0708 (BlueKeep) Vulnerability (Port:3389):

A vulnerability that's discovered and made public by Microsoft in 2019, That allows attackers to remotely execute arbitrary code and gain access to a windows machine.

================================================

The BlueKeep vulnerability affects multiple versions of Windows:

• XP
• Vista
• Windows 7
• Windows Server 2008 & R2

---

To scan it this vulnerability is in a target system:

Using MSF Module:

• auxiliary/scanner/rdp/cve_2019_0708_bluekeep

---

Exploitation:

This is a KERNAL Vulnerability so when exploiting a crash may happen

MSF module to exploit:

• exploit/windows/rdp/cve_2019_0708_bluekeep_rce ==> for exploiting the vulnerability, use show targets to specify the exact version: set target <target_number> then exploit

This module specifically made for x64 bit systems