• 25,450
  • +1,003
  • 2,796
Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

Bookmark

Type : Tutorial

Level : Medium

Attacker O.S : Backtrack 5 R1

Victim O.S : Windows 7 Ultimate

Tested Vulnerable Application : Firefox 3.6.16

Exploit Credit : Matteo Memelli  ryujin -AT- offensive-security.com

After yesterday tutorial about Opera 10|11, now we'll try another vulnerability found in Mozilla Firefox Integer Overflow.

Requirements :

1. Apache web server (included in Backtrack 5 R1)

2. Telnet / NetCat (Included in Backtrack 5 R1)

3. Exploit Script (download link)

Mediafire.com

Step by Step :

Attacker IP address : 192.168.8.93

Victim IP address : 192.168.8.91

1. Download the exploit script and then put it in your webserver. I'm using default Backtrack so the default website directory should be inside /var/www/ folder. I put the firefox.html file inside the firefox folder.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

2. Run your Apache webserver by executing /etc/init.d/apache2 start.

3. Make the victim access the web page we've already prepared before. In this example the exploit can be accessed by typing http://192.168.8.93/firefox/firefox.html.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

4. When victim successfully open our malicious webpage, victim computer port 4444 should be opened now and ready to receive connections.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

5. In this example I'm using NetCat, but you also can use Telnet to access it.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

Pwned!

Countermeasures :

 

1. Update your Mozilla Firefox to the latest version.

2. Use personal firewall to detect inbound or outbound connection.

Hope it's useful ๐Ÿ™‚

Subscribe Now To Get Latest Hacking Tutorial on Your E-Mail

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com

  • puppet

    great technique!
    long time no see vishnu…
    cheers~:D

    • v4L

      #puppet
      Long time no see you too bro….cheers ๐Ÿ™‚

  • puppet

    Im in the middle of semester break!
    not in the mood to learn security…haha
    especially when im at home..