1. Experimental purpose
Metasploit is a free, downloadable framework for obtaining, developing, and running exploits against computer software vulnerabilities. It comes with professional-grade exploit tools for hundreds of known software vulnerabilities.
MS12-020 is a vulnerability in the Remote Desktop Protocol of Windows systems. Through this vulnerability, an attacker can crash the target system with a blue screen by sending specific content to it.
This experiment uses Metasploit to reproduce the MS12-020 vulnerability and attack it.
2. Experimental process
Step 1: Turn on the remote desktop function of the target machine
Figure 1 Open remote desktop
Note: Since this vulnerability is in the remote desktop function, remote desktop must be enabled on the target machine.
Step 2: Kali uses the nmap scanning tool to check whether port 3389 is open
Figure 2 Confirm that port 3389 is open
Step 3: Use msfconsole to enter metasploit
Figure 3 Start msfconsole
Step 4: Find the corresponding module for MS12-020
Figure 4 Find the module corresponding to the vulnerability
Step 5: Select the corresponding vulnerability detection module
Figure 5 Select vulnerability detection module
Note: Select auxiliary/scanner/rdp/ms12_020_check here
Step 6: Set the address of the target machine and run the module to detect whether the vulnerability exists
Figure 6 Set the address, run, detect the vulnerability
Step 7: Return to the MS12-020 module selection and run the attack module
Figure 7 Select attack module
Step 8: Set the IP of the target machine and carry out the attack
Figure 8 Set the IP of the target machine and carry out the attack
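For the port check in Step 2, an added example (not part of the original write-up) that reads nmap's grepable output (`-oG`) and lists the hosts with 3389/tcp open, which gives an inventory of machines exposing Remote Desktop. The function names, addresses, and scan lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: inventory hosts that expose RDP (3389/tcp) from nmap -oG output.
# All addresses and scan records below are constructed sample data.

# Reads grepable nmap records on stdin; prints one IP per host whose
# Ports: section contains 3389 in state "open" over tcp.
rdp_exposed_hosts() {
  awk '
    /^Host: / && /Ports: / {
      ip = $2
      # A record is tab-separated into sections (Host, Ports, Ignored State...).
      n = split($0, sect, "\t")
      for (i = 1; i <= n; i++) {
        if (sect[i] !~ /^Ports: /) continue
        sub(/^Ports: /, "", sect[i])
        # Each port entry is port/state/protocol/owner/service/...
        m = split(sect[i], ports, ", ")
        for (j = 1; j <= m; j++) {
          split(ports[j], f, "/")
          # Exact match on the port number, so 33890 is not mistaken for 3389.
          if (f[1] == "3389" && f[2] == "open" && f[3] == "tcp") print ip
        }
      }
    }'
}

# Constructed sample in the same layout nmap -oG writes.
sample_scan() {
  printf 'Host: %s ()\tPorts: %s\n' \
    192.0.2.10 '135/open/tcp//msrpc///, 3389/open/tcp//ms-wbt-server///' \
    192.0.2.11 '3389/filtered/tcp//ms-wbt-server///' \
    192.0.2.12 '445/open/tcp//microsoft-ds///, 33890/open/tcp//unknown///' \
    192.0.2.13 '3389/open/tcp//ms-wbt-server///'
}

# Run against the sample: lists the two hosts with 3389/tcp open.
sample_scan | rdp_exposed_hosts
```

Hosts listed here are the ones to confirm as updated for MS12-020 or to place behind restricted access to port 3389.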