CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/auxiliary/admin/smb/webexec_command.md
Views: 1904
Description
This module exploits a remote code execution vulnerability in Cisco's WebEx client software versions < v33.6.0.655 By supplying valid login credentials to the target machine, a single command can be executed with System privileges.
Vulnerable Application
Cisco WebEx Client v33.3.8.7 and below
Verification Steps
Install the application
Start msfconsole
Do:
use auxiliary/admin/smb/webexec_command
Do:
set RHOSTS <IP>
Do:
set SMBUser <USERNAME>
Do:
set SMBPass <PASSWORD>
Do:
run
You should get output that verifies the execution of the command
Options
FORCE_GUI
Uses WMIC to create a GUI