Good evening friends, today we will see how to exploit a recent vulnerability found in Dell KACE K1000 systems. For newbies who don't know what it is, the Dell KACE K1000 System Management Appliance offers a comprehensive systems management solution including initial inventory and discovery, software distribution, configuration management, patching, security vulnerability remediation, asset management, helpdesk and reporting.
This Metasploit module exploits a file upload vulnerability in KACE K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547, which allows unauthenticated users to execute arbitrary commands. First of all, start Metasploit and search for our exploit as shown below.
Next, load that exploit. Once the exploit is loaded, check which options it requires to work. We will need the IP address of our target and the remote port.
Well, we already know how to find the targets if you have been following all my previous articles. Set the target IP address as shown below. See what payloads this exploit supports.
Set the payload you want. I chose the first one. Once again, check whether all options are set by typing the “show options” command.
Once everything is set, use the “check” command to see if our target is vulnerable. Not every system you are trying to attack is vulnerable, so keep a list of target IPs.
Once you find a vulnerable system as shown above, type the “run” command to execute our exploit. We should successfully get the remote system’s shell as shown below. Happy hacking.
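For anyone running these appliances, the affected version ranges listed above can be turned into a quick inventory check. The script below is an added example, not part of the original post or of Metasploit; the `major.minor.build` input format, the hostnames and the sample builds are assumptions made for illustration.

```python
import re

# Affected ranges exactly as stated in the post:
#   5.0 to 5.3 (any build), 5.4 before build 76849, 5.5 before build 90547.
FIRST_UNAFFECTED_BUILD = {(5, 4): 76849, (5, 5): 90547}
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?\s*$")


def classify(version):
    """Return 'affected', 'not-affected', 'not-listed' or 'unknown'."""
    m = VERSION_RE.match(version or "")
    if not m:
        return "unknown"                      # not a version string at all
    branch = (int(m.group(1)), int(m.group(2)))
    build = int(m.group(3)) if m.group(3) else None
    if (5, 0) <= branch <= (5, 3):
        return "affected"                     # every build on these branches
    if branch in FIRST_UNAFFECTED_BUILD:
        if build is None:
            return "unknown"                  # the build number decides on 5.4/5.5
        boundary = FIRST_UNAFFECTED_BUILD[branch]
        return "affected" if build < boundary else "not-affected"
    return "not-listed"                       # branch the post says nothing about


def triage(inventory):
    """Group hosts by status so the 'affected' list can go straight to patching."""
    report = {"affected": [], "not-affected": [], "not-listed": [], "unknown": []}
    for host, version in inventory.items():
        report[classify(version)].append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}


# Constructed sample inventory (hostnames and most builds are made up;
# 76849 and 90547 are the boundary builds named in the post).
SAMPLE = {
    "kace-hq": "5.3.53053",
    "kace-lab": "5.4.76848",
    "kace-dr": "5.4.76849",
    "kace-emea": "5.5.90547",
    "kace-new": "6.0.101863",
    "kace-old-note": "5.5",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:13} {', '.join(hosts) or '-'}")
```

Hosts reported as `unknown` need their full build number looked up before they can be ruled out, and `not-listed` only means the post gives no information about that branch.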