ComputerSecurityStudent (CSS) [Login] [Join Now]




|WINDOWS >> Damn Vulnerable Windows >> WXP-SP2 IE6 >> Current Page |Views: 34434

(Damn Vulnerable Windows XP: Lesson 2)

{ How to setup the Adobe Flash Player Exploit }


Section 0. Background Information
  1. What is Damn Vulnerable Windows XP?
    • This is a Windows XP Virtual Machine that provides a practice environment to conduct ethical penetration testing, vulnerability assessment, exploitation and forensics investigation.
    • The Microsoft Software License Terms for the IE VMs are included in the release notes.
    • By downloading and using this software, you agree to these license terms.

  2. What is Adobe Flash Player Exploit?
    • This vulnerability (CVE-2011-0609) could cause a browser crash and potentially allow an attacker to take control of the affected system.
    • This critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

  3. Pre-Requisite
  4. Lab Notes
    • In this lab we will do the following:
      1. Download Adobe Flash 10.2.152.26
      2. Install Adobe Flash 10.2.152.26
      3. Weaken Internet Explorer Security Settings
     
  5. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2015 No content replication of any kind is allowed without express written permission.

 

Section 1: Log into Damn Vulnerable WXP-SP2
  1. Open VMware Player on your windows machine.
    • Instructions:
      1. Click the Start Button
      2. Type "vmware player" in the search box
      3. Click on VMware Player

     

  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Edit Virtual Machine Settings
    • Note:
      • Before beginning a lesson it is necessary to check the following VM settings.

     

  3. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button "Bridged: Connected directly to the physical network".
      3. Click the OK Button

     

  4. Start Up Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Start Up your VMware Player
      2. Play virtual machine

     

  5. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Click on Administrator
      2. Password: Supply Password
        •  (See Note)
      3. Press <Enter> or Click the Arrow
    • Note(FYI):
      1. Password was created in (Lab 1, Section 1, Step 8)

     

  6. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt

     

  7. Obtain Damn Vulnerable WXP-SP2's IP Address
    • Instructions:
      1. ipconfig
      2. Record Your IP Address
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2's IP Address 192.168.1.116.
      • This is the IP Address of the Victim Machine.

 

Section 2: Install Adobe Flash 10.2.152.26
  1. Open Firefox
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Mozilla Firefox

     

  2. Download Flash 10.2.152.26 (Part 1)
    • Instructions:
      1. Navigate to the following URL
        • http://www.computersecuritystudent.com/WINDOWS/DVW/WXP_IE6/lesson2/fp_10.2.152.26_archive.zip
      2. Click the Save File Radio Button
      3. Click the OK Button

     

  3. Download Flash 10.2.152.26 (Part 2)
    • Instructions:
      1. Navigate to Desktop --> My Documents --> Downloads
      2. Click the Save Button

     

  4. Open Download Folder
    • Instructions:
      1. Tools --> Downloads
      2. Right Click on fp_10.2.152.26_archive.zip
      3. Click on Open Containing Folder

     

  5. Uncompress fp_10.2.152.26_archive.zip
    • Instructions:
      1. Right Click on fp_10.2.152.26_archive.zip
      2. Hover mouse over 7-Zip
      3. Select Extract to "fp_10.2.152.26_archive\"

     

  6. Extracting
    • Note(FYI):
      1. The extraction process will take 5 to 10 seconds
      2. Continue to next step

     

  7. Navigate to 10_2r152_26
    • Instructions:
      1. Click on fp_10.2.152.26_archive, and continue navigating down to 10_2r152_26 directory

     

  8. Open flashplayer10_2r152_26_winax
    • Instructions:
      1. Click on flashplayer10_2r152_26_winax

     

  9. Adobe Flash Player 10.2 Installer
    • Instructions:
      1. Click the checkbox
      2. Click the Install Button

     

  10. Adobe Flash Installation Complete
    • Instructions:
      1. Click the Done Button

 

Section 3: Weaken Internet Explorer Security Settings
  1. Open Internet Explorer
    • Instructions:
      1. Click on the Start Button
      2. All Programs --> Internet Explorer

     

  2. Open Internet Options
    • Instructions:
      1. Tools --> Internet Options
      2. Click the Security Tab
      3. Click the Internet Icon
      4. Click the Custom Level Button

     

  3. Configure Internet Explorer Security Settings
    • Instructions:
      1. Reset to: Low
      2. Click the Reset Button
      3. The the Yes Button, after the Warning box appears.
      4. Click the OK Button
      5. Click the OK Button
    • Note(FYI):
      1. Obviously, it is never a good idea to select the lowest browser security settings, thereby enabling all the ActiveX controls. 
      2. Accordingly, this VM will later be used to illustrate the Adobe Flash Player AVM Bytecode Verification Vulnerability.
      3. See CVE-2011-0609

     

Section 4: Proof of Lab
  1. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt

     

  2. Proof of Lab
    • Instructions:
      1. reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayerActiveX"
      2. date /t
      3. echo "Your Name"
        • Put in your actual name in place of "Your Name"
        • e.g., echo "John Gray"
    • Proof of Lab Instructions
      1. Press the <Ctrl> and <Alt> key at the same time.
      2. Press the <PrtScn> key.
      3. Paste into a word document
      4. Upload to Moodle


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth