Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

Bookmark
Posted by in Hacking Tutorial | 3 comments

Type : Tutorial

Level : Medium

Attacker O.S : Backtrack 5 R1

Victim O.S : Windows 7 Ultimate

Tested Vulnerable Application : Firefox 3.6.16

Exploit Credit : Matteo Memelli  ryujin -AT- offensive-security.com

After yesterday tutorial about Opera 10|11, now we'll try another vulnerability found in Mozilla Firefox Integer Overflow.

Requirements :

1. Apache web server (included in Backtrack 5 R1)

2. Telnet / NetCat (Included in Backtrack 5 R1)

3. Exploit Script (download link)

Mediafire.com

Step by Step :

Attacker IP address : 192.168.8.93

Victim IP address : 192.168.8.91

1. Download the exploit script and then put it in your webserver. I'm using default Backtrack so the default website directory should be inside /var/www/ folder. I put the firefox.html file inside the firefox folder.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

2. Run your Apache webserver by executing /etc/init.d/apache2 start.

3. Make the victim access the web page we've already prepared before. In this example the exploit can be accessed by typing http://192.168.8.93/firefox/firefox.html.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

4. When victim successfully open our malicious webpage, victim computer port 4444 should be opened now and ready to receive connections.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

5. In this example I'm using NetCat, but you also can use Telnet to access it.

Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow

Pwned!

Countermeasures :

 

1. Update your Mozilla Firefox to the latest version.

2. Use personal firewall to detect inbound or outbound connection.

Hope it's useful :-)

Subscribe Now To Get Latest Hacking Tutorial on Your E-Mail

Incoming search terms:

Written by Vishnu Valentino. rss twitter facebook

Founder of hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com

Related posts:

  1. Hacking Mozilla Firefox 3.5 to 3.6 nsTreeRange Vulnerability Using Metasploit
  2. Exploiting Mozilla Firefox 3.6.16 mChannel Using Metasploit + Backtrack 5
  3. Hacking Windows XP SP3 via Freefloat FTP Server Command Overflow Vulnerability(Zeroday)
  4. Hacking Windows XP SP3 via Script FTP Vulnerability
  5. 4 Steps Hacking Windows via Golden FTP Server Pass Stack Buffer Overflow

Popular Posts

3 Responsesto “Hacking Windows 7 Ultimate via Mozilla Firefox Vulnerability Array.reduceRight Integer Overflow”

  1. puppet says:
    Wednesday, October 19, 2011 at 2:44 pm

    great technique!
    long time no see vishnu…
    cheers~:D

    Reply
  2. puppet says:
    Saturday, October 22, 2011 at 9:00 pm

    Im in the middle of semester break!
    not in the mood to learn security…haha
    especially when im at home..

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA Image

*

Notify me of followup comments via e-mail. You can also subscribe without commenting.