Symantec Workspace Streaming Arbitrary File Upload
This module exploits a code execution flaw in Symantec Workspace Streaming. The vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows arbitrary files to be uploaded under the server root. The module abuses the auto-deploy feature of the JBoss as_ste.exe instance to achieve remote code execution. It has been tested successfully on Symantec Workspace Streaming 6.1 SP8 and Windows 2003 SP2. The abused services listen in a single-machine deployment and also in the backend role of a multiple-machine deployment.
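For defenders, the call named above can be watched for wherever XML-RPC request bodies sent to the agent service are visible, such as a proxy or network sensor. The following Python is an added example, not code from the module or from this page; the sample requests, their parameter layout, and the archive-extension list are constructed assumptions.

```python
import xml.etree.ElementTree as ET

WATCHED_METHOD = "ManagementAgentServer.putFile"  # method named in the description
# Assumption: archive types a default JBoss deployment scanner would pick up.
DEPLOYABLE_EXT = (".war", ".ear", ".sar", ".jar")

def inspect_xmlrpc(body: bytes) -> dict:
    """Classify one XML-RPC request body captured at a proxy or network sensor."""
    result = {"method": None, "alert": False, "reasons": []}
    # XML-RPC never needs a DTD; refuse it rather than hand it to the parser.
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        result.update(alert=True, reasons=["DTD in XML-RPC body"])
        return result
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        result["reasons"].append("malformed XML")
        return result
    if root.tag != "methodCall":
        return result
    result["method"] = (root.findtext("methodName") or "").strip()
    if result["method"] != WATCHED_METHOD:
        return result
    result["alert"] = True
    result["reasons"].append("putFile call")
    for value in root.iter("value"):
        # A <value> with no type element is a string by the XML-RPC rules.
        text = (value.findtext("string") or value.text or "").strip().lower()
        if text.endswith(DEPLOYABLE_EXT) and "deployable archive name" not in result["reasons"]:
            result["reasons"].append("deployable archive name")
        if ".." in text and "parent-directory sequence" not in result["reasons"]:
            result["reasons"].append("parent-directory sequence")
    return result

# Constructed samples; the parameter layout is a placeholder, not the product's real signature.
SAMPLE_PUTFILE = b"""<?xml version="1.0"?>
<methodCall><methodName>ManagementAgentServer.putFile</methodName><params>
<param><value><string>example.war</string></value></param>
<param><value><base64>AAAA</base64></value></param>
</params></methodCall>"""
SAMPLE_OTHER = b"<methodCall><methodName>Example.ping</methodName><params/></methodCall>"

if __name__ == "__main__":
    for sample in (SAMPLE_PUTFILE, SAMPLE_OTHER, b"not xml"):
        print(inspect_xmlrpc(sample))
```

Any remote putFile call is flagged here on the assumption that legitimate use of it from other hosts is rare enough to review by hand; tune that to the deployment.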
Module Name
exploit/windows/antivirus/symantec_workspace_streaming_exec
Authors
- rgod <rgod [at] autistici.org>
- juan vazquez <juan.vazquez [at] metasploit.com>
References
Targets
- Symantec Workspace Streaming 6.1 SP8 / Java Universal
Platforms
- java
Architectures
- java
Reliability
Development
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/windows/antivirus/symantec_workspace_streaming_exec
msf exploit(symantec_workspace_streaming_exec) > show targets
...targets...
msf exploit(symantec_workspace_streaming_exec) > set TARGET <target-id>
msf exploit(symantec_workspace_streaming_exec) > show options
...show and set options...
msf exploit(symantec_workspace_streaming_exec) > exploit