Explain Like I’m 5: Remote Desktop Protocol (RDP)
Tags
| attack-pattern: | Data Direct Model Remote Desktop Protocol - T1021.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Remote Desktop Protocol - T1076 |
Common Information
| Type | Value |
|---|---|
| UUID | 34ca36ec-eed9-4678-908b-ec1b7ef862a8 |
| Fingerprint | 35988d9a4e210e9d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 7, 2020, midnight |
| Added to db | Dec. 18, 2024, 8:01 p.m. |
| Last updated | Dec. 23, 2024, 9:06 p.m. |
| Headline | Explain Like I’m 5: Remote Desktop Protocol (RDP) |
| Title | Explain Like I’m 5: Remote Desktop Protocol (RDP) |
| Detected Hints/Tags/Attributes | 52/1/26 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 222 | cve-2019-0708 |
|
| Details | CVE | 19 | cve-2019-1181 |
|
| Details | CVE | 14 | cve-2019-1182 |
|
| Details | CVE | 1 | cve-2018-8785 |
|
| Details | Domain | 23 | www.malwaretech.com |
|
| Details | Domain | 16 | www.coresecurity.com |
|
| Details | Domain | 3 | blog.tetrane.com |
|
| Details | Domain | 3 | cyberx-labs.com |
|
| Details | Domain | 12 | bbs.pediy.com |
|
| Details | Domain | 144 | shodan.io |
|
| Details | File | 2 | termdd.sys |
|
| Details | File | 1 | analysis-of-cve-2019-0708-bluekeep.html |
|
| Details | File | 42 | www.core |
|
| Details | File | 1 | bluekeep.html |
|
| Details | File | 5 | rdpcorets.dll |
|
| Details | File | 3 | rdpbase.dll |
|
| Details | File | 1 | dejablue-analyzing-a-rdp-heap-overflow.html |
|
| Details | File | 1 | thread-256766.htm |
|
| Details | Url | 1 | https://www.zerodayinitiative.com/blog/2019/5/27/cve-2019-0708-a-comprehensive-analysis-of-a-remote-desktop-services-vulnerability |
|
| Details | Url | 1 | https://unit42.paloaltonetworks.com/exploitation-of-windows-cve-2019-0708-bluekeep-three-ways-to-write-data-into-the-kernel-with-rdp-pdu |
|
| Details | Url | 1 | https://www.malwaretech.com/2019/05/analysis-of-cve-2019-0708-bluekeep.html |
|
| Details | Url | 1 | https://www.coresecurity.com/blog/low-level-reversing-bluekeep-vulnerability-cve-2019-0708 |
|
| Details | Url | 1 | https://blog.tetrane.com/2020/01/22/bluekeep.html |
|
| Details | Url | 1 | https://www.malwaretech.com/2019/08/dejablue-analyzing-a-rdp-heap-overflow.html |
|
| Details | Url | 1 | https://cyberx-labs.com/blog/analyzing-the-dejablue-heap-overflow-vulnerability/#_toc28622447 |
|
| Details | Url | 1 | https://bbs.pediy.com/thread-256766.htm |