Type : Tutorial
Level : Medium
Attacker O.S : Backtrack 5 R1
Victim O.S : Windows 7 Ultimate
Tested Vulnerable Application : Firefox 3.6.16
Exploit Credit : Matteo Memelli ryujin -AT- offensive-security.com
After yesterday's tutorial about Opera 10|11, we'll now look at another vulnerability: an integer overflow found in Mozilla Firefox.
Requirement :
1. Apache web server (included in Backtrack 5 R1)
2. Telnet / NetCat (included in Backtrack 5 R1)
3. Exploit Script (download link)
Attacker IP address : 192.168.8.93
Victim IP address : 192.168.8.91
Step by Step :
1. Download the exploit script and put it on your web server. I'm using a default Backtrack install, so the default website directory is /var/www/. I put the firefox.html file inside the firefox folder.
2. Start your Apache web server by executing /etc/init.d/apache2 start.
3. Make the victim access the web page we prepared. In this example the exploit can be accessed by typing http://192.168.8.93/firefox/firefox.html.
4. Once the victim has opened the malicious web page, port 4444 on the victim's computer should be open and ready to receive connections.
5. In this example I'm using NetCat, but you can also use Telnet to access it.
Countermeasures :
1. Update your Mozilla Firefox to the latest version.
2. Use a personal firewall to detect inbound or outbound connections.
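For the second countermeasure, a host-side check can complement the firewall. The following is an added example, not part of the original tutorial: it parses `netstat -ano` output and reports network-reachable TCP listeners that are outside an expected baseline, together with the peers the owning process is connected to. The sample output, PIDs and baseline ports are constructed assumptions.

```python
import re

# Constructed sample of `netstat -ano` output from the victim host (PIDs are made up).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING       2984
  TCP    127.0.0.1:5357         0.0.0.0:0              LISTENING       4
  TCP    192.168.8.91:49172     192.168.8.93:80        ESTABLISHED     2984
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5355           *:*                                    1104
"""

BASELINE_PORTS = {135, 445}            # assumed: listeners this host is expected to have
LOOPBACK_PREFIXES = ("127.", "[::1]")  # loopback-only sockets are not network-reachable

ROW = re.compile(
    r"^\s*TCP\s+(\S+):(\d+)\s+(\S+)\s+(LISTENING|ESTABLISHED)\s+(\d+)\s*$")

def unexpected_listeners(netstat_text, baseline=BASELINE_PORTS):
    """Return network-reachable TCP listeners outside the baseline, each with
    the remote peers the owning process is currently connected to."""
    listeners, peers = [], {}
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, UDP rows, other TCP states
        addr, port, remote, state, pid = m.groups()
        port, pid = int(port), int(pid)
        if state == "ESTABLISHED":
            peers.setdefault(pid, []).append(remote)
        elif port not in baseline and not addr.startswith(LOOPBACK_PREFIXES):
            listeners.append((addr, port, pid))
    return [{"addr": a, "port": p, "pid": pid, "peers": sorted(peers.get(pid, []))}
            for a, p, pid in sorted(listeners, key=lambda t: (t[1], t[0]))]

if __name__ == "__main__":
    for hit in unexpected_listeners(SAMPLE_NETSTAT):
        print("unexpected listener %(addr)s:%(port)d pid=%(pid)d peers=%(peers)s" % hit)
```

A listener owned by the same PID that holds an established connection to a web server points at the browser process, which normally has no reason to accept inbound connections.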
Hope it's useful