Comments (2)
Yes, find the correct spot in the heap memory pool. It's not insanely difficult; if you've exploited buffer overflows then just do the same thing here (sort of). Run a debugger on the RDP machine to watch the mem pool. Setting the value of ECX to an actual memory address instead of "AAAAAAAAAAA" will allow you to control the space of EAX. << where the shellcode needs to land. << achieved by heap spraying. The above code very well could work replacing the A's with your shellcode, I'm not sure yet. I'll give this a shot later tonight and try my luck, since the only thing holding back a real public PoC has done is create a market for a working exploit for this on the marketplaces (they exist already if you have the $$), which is counterproductive to public security. Knowledge is security - not withholding knowledge. I'll give this my best shot, it's not hard, just annoying lol.
from bluekeep_cve-2019-0708_poc_to_exploit.
Due to Inactivity