Easy File Sharing Metasploit Buffer Overflow.

Easy File Sharing Metasploit Buffer Overflow.

These modules exploit the Easy File Sharing 7.2 Windows program(Download) The exploits lie in the GET and HEAD requests, allowing external code to overwrite the SEH and get called and executed. Shellcode space is 390 bytes maximum allowing full meterpreter payloads to be used. This exploit works on any Windows version. Place these in the modules/exploits/winodws/ftp directory to use in metasploit. RHOST, RPORT, payload, and LHOST options are required.

Usage:

easyfilesharing_seh.rb script:

asy-File-Sharing-Metasploit-Buffer-Overflow

asy-File-Sharing-Metasploit-Buffer-Overflow

easyfilesharing_HEAD_seh.rb script:

easyfilesharing_HEAD_seh

Source : https://github.com/Starwarsfan2099