Testing Bluekeep CVE-2019–0708 Metasploit Module on Windows 7

Setting Up

Getting a Blue Screen

Finding the NPP

  • First, download the vmss2core tool https://labs.vmware.com/flings/vmss2core;
  • Take a snapshot of the VM;
  • Look for the .vmsn and .vmem files generated after the snapshot and copy them to the vmss2core directory.
  • Run the tool, passing the files in this order:
  • >vmss2core-sb-8456865.exe -W “Win7_64b-Snapshot1.vmsn” “Win7_64b-Snapshot1.vmem”
  • After that you have a memory.dmp file.
Searching nonpaged pool (fffffa8002402000 : fffffa805fc00000) for tag 0x2020202a (*   )

Finally

--

--

--

https://twitter.com/alexandrevvo

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to Scale #Security, with Don Goodman-Wilson (Sqreen)

Do Employers Worth Cybersecurity Certifications?

These steps can make your WiFi nearly unhackable

Stored XSS [Front-end To Back-end]

Datapocalypse? Only if you’re lucky

The Hustle of Key Exchange

InvArch’s Intellectual Property Modules (IPMs)

How Risky Is an Interaction? Here’s How to Tell (and Level Up Your SaaSOps Security)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alexandre Vieira

Alexandre Vieira

https://twitter.com/alexandrevvo

More from Medium

RSA Algorithm in Cryptography

Quick Guide to Kick start your journey

Day 5 of Game Dev: Establishing a productive layout in the Unity Editor!

Public Preview of VueFileManager version 2 is Finally Here!