Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass) | Lucideus Research

Description:
The vulnerability lies in 'UserID': there is no character limit on it. The original shellcode executes 'calc.exe' on the target machine; using a ps1encode sct (Windows Scriptlet) payload, we can get a shell, as shown in this PoC.

Title: Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)

CVE Number: CVE-2018-9059

Type: Remote

Vulnerable Application: Easy File Sharing Web Server v7.2

Tested on: Windows 7 Enterprise Edition (SP1)

Attacker Machine: Kali Linux 2018.2
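
A defender-side check for the missing 'UserID' length limit described above, as an added example that is not from the original post: it extracts UserID from a raw HTTP request and flags oversized or non-printable values. The 64-byte cap, the places UserID is searched for (Cookie header, query string, form body) and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_to_bytes

# Assumed cap: the page gives no legitimate maximum length for UserID.
MAX_USERID_LEN = 64

# UserID=<value> in a Cookie header, query string or form body (assumed
# locations). The value ends at ';', '&' or whitespace, so for binary input
# the measured length is a lower bound.
_USERID = re.compile(rb"(?:^|[;&?:\s])UserID=([^;&\s]*)", re.IGNORECASE)


def userid_values(raw_request: bytes):
    """Return every UserID value in a raw HTTP request, percent-decoded."""
    return [unquote_to_bytes(m.group(1)) for m in _USERID.finditer(raw_request)]


def inspect_request(raw_request: bytes, max_len: int = MAX_USERID_LEN):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    for value in userid_values(raw_request):
        if len(value) > max_len:
            findings.append(f"UserID length {len(value)} exceeds {max_len}")
        if any(b < 0x20 or b > 0x7E for b in value):
            findings.append("UserID contains non-printable bytes")
    return findings


# Constructed sample requests (host and cookie names are placeholders).
BENIGN = (b"GET / HTTP/1.1\r\nHost: fileserver.example\r\n"
          b"Cookie: SESSIONID=abc123; UserID=alice\r\n\r\n")
OVERLONG = (b"GET / HTTP/1.1\r\nHost: fileserver.example\r\n"
            b"Cookie: UserID=" + b"A" * 5000 + b"\r\n\r\n")
ENCODED = (b"GET /?UserID=%01%02abc HTTP/1.1\r\n"
           b"Host: fileserver.example\r\n\r\n")

if __name__ == "__main__":
    for name, req in (("benign", BENIGN), ("overlong", OVERLONG),
                      ("encoded", ENCODED)):
        print(name, inspect_request(req))
```

The same length test can run in a reverse proxy or WAF rule in front of the server, so oversized values are rejected before they reach the vulnerable application.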

Video POC
