Limesurvey Unauthenticated File Download exploit

Good Evening Friends. Today we will see how to use the Limesurvey Unauthenticated File Download exploit to download files from a remote web server. For those who don’t know what Limesurvey is, it is a free and open source on-line survey application written in PHP. It enables users to develop and publish on-line surveys through a web interface, collect responses, create statistics, and export the resulting data to other applications.

This exploit works on Limesurvey versions 2.0+ and 2.06+ Build 151014. For this howto, I have installed Limesurvey on a web server as shown below.


Given below are the files located in the Limesurvey directory which should not be accessible to anybody. We will try to download the “README” file using the Limesurvey Unauthenticated File Download exploit in Metasploit.

Start Metasploit and load the exploit as shown below. Set the required options, also as shown below. The “filepath” option sets which file you want to download. I have chosen the “readme” file as mentioned above. I have set the “traversal_depth” option to zero because the file I want to download is in the current folder. You can set it appropriately.

Once again check the required options. It should be as below.

Type the command “run” and the file will be downloaded as shown below. Happy hacking.

Hack Windows PC with Watermark Master BOF

Good Evening Friends. Today we will see how to hack a remote Windows PC with the Watermark Master buffer overflow exploit. For those newbies who don’t know what Watermark Master is, it is “primarily meant for people who need to protect video or graphics files from illegal copying by putting a watermark (text or graphic information) over an image. Simple text, image file, animated GIF or video file can be used as watermark here. Besides, Watermark Master provides ability to apply a great number of various effects to a watermark, including dynamic effects. A dynamic effect implies variation of the watermark in time, for example, smooth appearance or disappearance of the watermark, movement of the watermark, etc.” The target in this howto is a remote Windows 7 PC. This vulnerability exists in Watermark Master 2.2.23.

Start Metasploit and load the exploit as shown below. Set the meterpreter/reverse_tcp payload.

Set the required options as shown below.

After setting all the required options, type “exploit”.

But before doing that, we have to create a listener. The process is shown below.

Set all the options. The lhost and lport values should be the same as above.

Type the command “exploit”. The exploit will run and stop exactly as shown below.

Now send this file to the victim.

Now, when the user opens this file as shown below,

we will get a meterpreter session as shown below.

Hack Windows 7 with PDF shaper BOF exploit

Hello aspiring hackers. Today we will see how to hack a Windows 7 system with the PDF Shaper buffer overflow exploit, which exploits a vulnerability in PDF Shaper 3.4. For those newbies who don’t know what PDF Shaper is, it is a “collection of free PDF tools, which allows you to merge, split, encrypt and decrypt PDFs, convert images to PDF, convert PDF to Word RTF or images, extract text and images from PDF.”

We will use Kali Linux as the attacker machine for hacking Windows 7. Start Metasploit and search for the “pdf shaper” exploit as shown below.

Copy the exploit path as shown above and load the exploit as shown below. Set the payload as “windows/meterpreter/reverse_tcp”.

Set the IP address of Kali Linux as LHOST. Type the command “exploit”. A PDF file will be created as shown below.

We have to send this PDF file to our target. Before that, we will have to start a listener for this specific exploit. Load the following exploit and payload as shown in the image below.

Set lhost and lport to exactly the same values we have given above. Type the command “exploit”.

Now send the file to our target. When he uses PDF Shaper to convert our PDF to an image as shown below,

we get a meterpreter session on our attacker system as shown below.

That’s how we hack Windows 7 with the PDF Shaper buffer overflow exploit.