WINDOWS 7 - EXPLOITATION
- Layout for this exercise:

- Bad Blue es is File Sharing web service application available for Windows systems that allows users to share files.
http://www.badblue.com/down.htm
- However, this application suffers from a vulnerability that can be exploited with a stack buffer overflow, affecting the PassThru functionality in ext.dll, for versions 2.72b and earlier:
https://www.exploit-db.com/exploits/16806/
- Once BadBlue downloaded, installed and accepted the License agreement, finally it is working on Windows 7, running on port TCP 80:

- The attacker detects that Bad Blue web server is running on victim's port 80:

- Searching exploits for BadBlue into the Metasploit Framework:

- Let's try this exploit:

- Options for this exploit are simple:

- The remote host is set to the victim's IP:

- The exploitation is successful:
