BlueKeep exploit + Metasploit

Hello friends,
I followed this:
"To test the BlueKeep exploit, ensure you've copied all four .rb files from this PR to the appropriate Metasploit directories, then restart msfconsole.

This PR includes changes to the core RDP library in Metasploit for this exploit.

lib/msf/core/exploit/rdp.rb
modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
modules/auxiliary/scanner/rdp/rdp_scanner.rb
modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb"

but when I run the exploit I get an error: Errno::EPIPE Broken pipe

[*] Started reverse TCP handler on 192.168.1.58:4444
[*] XX.XX.XX.XX:3389 - Detected RDP on XX.XX.XX.XX:3389 (Windows version: 6.1.7601) (Requires NLA: No)
[+] XX.XX.XX.XX:3389 - The target is vulnerable.
[*] XX.XX.XX.XX:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1.
[*] XX.XX.XX.XX:3389 - Surfing channels ...
[*] XX.XX.XX.XX:3389 - Lobbing eggs ...
[-] XX.XX.XX.XX:3389 - Exploit failed: Errno::EPIPE Broken pipe
[*] Exploit completed, but no session was created.


I would recommend that you search for the BlueKeep exploit on exploit-db, download it, run it, and then perform tests on the vulnerable machine. If this isn't successful, then go for Metasploit.

https://www.exploit-db.com/exploits/47120
https://www.exploit-db.com/exploits/46946

Thanks for the reply.
It seems to me that these 2 exploits are meant to cause a denial of service attack, while the Metasploit version is for gaining shell access.
I am wondering how I can fix this "Exploit failed: Errno::EPIPE Broken pipe" issue.

Hi mjd!
You should check your code from BlueKeep, so you can see the point where it has this "Broken pipe" written. You do know it's a binary crash, right?
In my code there is no "Broken pipe", so keep looking for it in yours.
I had a similar issue with web kits. I was stuck with an overflow. But I checked the timeline and went through the code. Then I added a delay where it waits for the connection to the DB, so "too much information at a time" didn't crash the connection. Even on a DB, there is this less-is-better rule.

Thanks for the reply @erkkipurola
I've checked the code but there was no sign of "Broken pipe".
I have no clue what to do!
Here is the code: https://github.com/rapid7/metasploit-framework/pull/12283

Hi again!

This seems to be an "update" issue. Metasploit (and Armitage) have the same thing going on. "Newly released" and upcoming Linux distros do not let you use some modules, as "illegal".
You may have some older version of Linux?
As said, Armitage works on the older release, but not with the updated && upgraded version.
Also some dependencies are not updated (apt-get --fix-missing or apt-get -f do not work on them).
So... get any older version of Linux and try that for msf.

Hey there,
in any version of Metasploit we have to replace these files with the files that already exist:
1. cve_2019_0708_bluekeep_rce.rb
2. rdp_scanner.rb
3. cve_2019_0708_bluekeep.rb
4. rdp.rb
so I don't think the version or an update is the issue here.