Internet Explorer zero-day attacks: CVE-2012-4969

Microsoft has confirmed that a Zero day vulnerability in its internet explorer browser is being actively attacked in the wild.

Proof of concept for IE explorer zero day

The below screen shot shows that the attacker has loaded the exploit in Metasploit and has set all the options like SRVHOST , LOCALHOST, LPORT etc.

Image

 

The following screen shot shows that the attacker hosted a the malicious page in the following URL http://192.168.2.3/is

Image

Note: This URL http://192.168.2.3/is  can be made as a Pishing URL and force victims to visit the same URL with IE browser

 

The following screenshot shows that the victim visits the same URL given by the attacker using IE browser.

Image

 

The following Screen shot shows that the attacker successfully got the shell of the victim and checking the processes running in the victims system.

Image

 

The following Screen shot shows the IP address of the victim which is 192.168.2.6 and the MAC address also

Image

 

The following screenshot shows that the attacker has root access of the victim’s laptop and has migrated to the Google chrome process.

Image 

 

The following screen shot shows that the attacker has captured a screen grab of the victim.

Image 

 

About these ads

5 responses to “Internet Explorer zero-day attacks: CVE-2012-4969

  1. I truly wanted to jot down a quick comment so as to thank you for those fabulous techniques you are giving on this website. My time consuming internet lookup has now been recognized with reasonable facts to go over with my companions. I would say that we readers actually are undoubtedly fortunate to live in a useful network with many perfect professionals with valuable opinions. I feel truly blessed to have used the website page and look forward to many more thrilling times reading here. Thanks a lot once again for a lot of things.

  2. I and also my friends have already been going through the good secrets and techniques located on your web page while all of a sudden developed a terrible feeling I never thanked the website owner for those tips. All the ladies came consequently passionate to see all of them and already have undoubtedly been loving them. Thanks for being very accommodating as well as for getting variety of fabulous tips millions of individuals are really desirous to know about. Our own sincere apologies for not expressing appreciation to sooner.

  3. I intended to write you a little bit of word to finally say thanks yet again for all the breathtaking ideas you have contributed above. It’s really surprisingly open-handed with you to provide publicly what exactly many of us could possibly have distributed as an electronic book to end up making some bucks for their own end, most importantly considering the fact that you could possibly have done it if you desired. Those points additionally worked to become a easy way to realize that most people have the identical fervor the same as my own to learn a whole lot more in regard to this matter. Certainly there are many more pleasant instances up front for individuals that check out your blog.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s