
RECONNAISSANCE & SCANNING
Network Reconnaissance
We use Nmap's “-sn” option (host discovery only, no port scan) to find all live hosts on the victim subnet, which gives us an idea of which machines we can target.
Port Scanning
IP Address of Victim Server
Before beginning the exploitation steps, we perform a port scan of the target with Nmap to uncover the open ports on the victim's machine and make sure the port needed for the exploitation is open.
Based on our Nmap scan, port 3389 (RDP) is open, which suggests that we may be able to exploit the victim using the BlueKeep vulnerability. An open port alone does not confirm this; that depends on the Windows version and patch level of the host.
IP Address of Victim Server
To confirm that port 3389 is indeed open for our BlueKeep exploit, we ran an Nmap scan against the single IP address of our soon-to-be victim machine.
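
Seen from the defender's side, the sequence above (host sweep, port scan of one machine, then a follow-up probe of 3389) leaves a recognisable trail in connection logs. The following is an added example, not part of the original write-up; the log format (epoch, source, destination, protocol, destination port), the thresholds and all addresses are constructed assumptions.

```python
from collections import defaultdict

SWEEP_HOSTS = 10   # distinct destinations per window that count as a host sweep
SCAN_PORTS = 10    # distinct TCP ports on one destination that count as a port scan
WINDOW = 60        # fixed window in seconds (activity split across a boundary can be missed)

def sample_log():
    """Constructed log lines: 'epoch src dst proto dport' (assumed format)."""
    lines = [f"{1200 + i} 10.0.0.50 10.0.0.{i} icmp 0" for i in range(1, 21)]
    ports = [21, 22, 23, 25, 80, 135, 139, 443, 445, 3306, 3389, 8080]
    lines += [f"{1320 + i} 10.0.0.50 10.0.0.7 tcp {p}" for i, p in enumerate(ports)]
    lines.append("1400 10.0.0.50 10.0.0.7 tcp 3389")   # single-host follow-up probe
    lines.append("1500 10.0.0.9 10.0.0.7 tcp 3389")    # ordinary admin RDP session
    return lines

def detect(lines):
    """Correlate sweep -> port scan -> RDP probe per source address."""
    dsts = defaultdict(set)    # (src, window) -> destinations contacted
    ports = defaultdict(set)   # (src, dst, window) -> TCP ports contacted
    rdp = defaultdict(set)     # src -> destinations contacted on 3389
    for line in lines:
        ts, src, dst, proto, dport = line.split()
        window = int(ts) // WINDOW
        dsts[(src, window)].add(dst)
        if proto == "tcp":
            ports[(src, dst, window)].add(int(dport))
            if int(dport) == 3389:
                rdp[src].add(dst)
    report = defaultdict(lambda: {"sweep": False, "scanned": set(), "rdp_probed": set()})
    for (src, _), seen in dsts.items():
        if len(seen) >= SWEEP_HOSTS:
            report[src]["sweep"] = True
    for (src, dst, _), seen in ports.items():
        if len(seen) >= SCAN_PORTS:
            report[src]["scanned"].add(dst)
    # RDP contact is reported only for sources already flagged as scanning,
    # so a lone administrator session does not raise an alert.
    for src in report:
        report[src]["rdp_probed"] = set(rdp[src])
    return dict(report)

if __name__ == "__main__":
    for src, finding in detect(sample_log()).items():
        print(src, finding)
```
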