CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/windows/http/easychatserver_seh.md
Views: 1904
Description
This module exploits a vulnerability in the EFS Easy Chat Server application versions 2 through 3.1. The username parameter in the Registration page 'register.php', which is prone to a stack overflow vulnerability.
This module allows a remote attacker to execute a payload under the context of the user running the Easy Chat Server application
Vulnerable Application
Easy Chat Server Easy Chat Server is an easy, fast and affordable way to host and manage real-time communication software.
This module has been tested successfully on
Easy Chat Server 3.1 on Windows XP En SP3
Installers:
EFS Easy Chat Server Installers
Verification Steps
Start
msfconsole
Do:
use exploits/windows/http/easychatserver_seh
Do:
set rhosts [IP]
Do:
exploit
You should get your payload executed