CVE-2024-38077 PoC — Microsoft Remote Desktop Client 安全漏洞

Source

https://github.com/murphysecurity/RDL-detect

Associated Vulnerability

Title:Microsoft Remote Desktop Client 安全漏洞 (CVE-2024-38077)
Description:Microsoft Remote Desktop Client是美国微软（Microsoft）公司的一款远程桌面客户端。 Microsoft Remote Desktop Client存在安全漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响：Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core install

Description

远程探测 remote desktop licensing 服务开放情况，用于 CVE-2024-38077 漏洞快速排查

Readme

# Remote Desktop Licensing 服务排查 
参考https://github.com/fortra/impacket/blob/master/examples/rpcdump.py

通过MSRPC枚举开放服务，根据UUID: 3d267954-eeb7-11d1-b94e-00c04fa3080d判断是否包含Terminal Server Licensing 

用法：`python3 rdl-detect.py 目标IP`

File Snapshot


 [4.0K]  /data/pocs/3b05e13b3dc2f1a36570003d272c7a71bbdb4f0e
├── [7.9K]  rdl-detect.py
└── [ 282]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!