Exploit Adobe Flash v18.0.194 (cve-2015-5119)
1. Exploit Info
Under Adobe Flash 18.0.194, there is UAF(Use After Free) vulnerability using 'ByteArray'
2. Target Info
- Victim
IP Addr : 192.168.0.34
OS : Windows 7 Ultimate x86 with ie11, flash v18.0.194
- Hacker
IP Addr : 192.168.0.35
Malicious URL : http://192.168.0.35/
OS : Kali Linux v2016.1 x86-64
3. Exploit
This time, we will try the exploit using Adobe Flash v18.0.194 UAF Bug
1. Set Modules on!
Using adobe_flash_hacking_team_uaf module
then, set meterpreter reverse shell
Let the victim who has flash under v18.0.194 enter into above link http://192.168.219.105:8080/
2. Then we can get shell successfully
Just End of PoC
- End of PoC -
4. Analyze
Details are on next post!
Link : http://zer0day.tistory.com/305
'Research > Pentesting' 카테고리의 다른 글
[Pentesting] Windows exploit with Word Macro (0) | 2016.08.04 |
---|---|
[Docs] Cracking Windows XP/7/8 Account Password (0) | 2014.04.27 |
[Pentesting] Windows 7 Exploit with ms10_046 (0) | 2014.04.27 |
[Pentesting] XP sp3 Remote Exploit with ms08_067 (0) | 2014.04.27 |
[Pentesting] XP sp3 Exploit with Backdoor (0) | 2014.04.27 |