Metasploit OWC ActiveX Exploit
Page 1 of 1
Metasploit OWC ActiveX Exploit
HD Moore has released a second IE 0 day Metasploit Exploit Module in the past 2 weeks. The Office Web Component Exploit in Metasploit was committed to the Dev 3.3 SVN and will attack the vulnerability on the following platforms:
Windows XP SP0 to SP3 with IE6 or IE7 with Office XP or Office 2003 Installed
The exploit targets a specific spreadsheet component in ActiveX. The code for the whole exploit can be seen in trac.metasploit.com.
To use the exploit we must load it in msfconsole, for this example the console will be ran as root since we want to use port 80 for the exploit handler to listen on. This will ensure success by using the default port 80 for directed attacks as there might be filtering on the target network. We set the exploit and payload.
Windows XP SP0 to SP3 with IE6 or IE7 with Office XP or Office 2003 Installed
The exploit targets a specific spreadsheet component in ActiveX. The code for the whole exploit can be seen in trac.metasploit.com.
To use the exploit we must load it in msfconsole, for this example the console will be ran as root since we want to use port 80 for the exploit handler to listen on. This will ensure success by using the default port 80 for directed attacks as there might be filtering on the target network. We set the exploit and payload.
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» Advisory To Exploit Using Metasploit
» Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption - Metasploit exploit module
» IE Proof-of-Concept Attack Exploits Kilbitted ActiveX Control
» Adding XSSF to Metasploit Framework
» Armitage - Cyber Attack Management for Metasploit
» Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption - Metasploit exploit module
» IE Proof-of-Concept Attack Exploits Kilbitted ActiveX Control
» Adding XSSF to Metasploit Framework
» Armitage - Cyber Attack Management for Metasploit
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|