ms11_xxx_ie_css_import – Windows 7 Session

After the first test of this exploit on my Windows XP Pro victim, I decided to try my hand at a Windows 7 victim.

So I fired up my fully patched Windows 7 Ultimate victim and browsed over to the exploit website and got……..blah no session.

OK back to the drawing board, what if I change the payload me thinks…..

So many to choose from, so I picked one kinda randomly with a hunch about a shell, and chose windows/shell/reverse_tcp_dns, don’t ask me why just plucked it out of the air.

Exploit the victim again….

An error blah, but hold on ………..

A session!!!!!

Just a little clean up now required to remove the error, need to set the InitialAutoRunScript to “” and we should be good to go.

And here is the fruits……

Game Over

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s