Another update
parent
8fa648744c
commit
ef1556eb62
|
@ -19,10 +19,15 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows
|
||||
Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be
|
||||
vulnerable. However, based on our testing, the most reliable setup is on Windows platforms
|
||||
running Office 2013. But please keep in mind that some other setups such as using Office
|
||||
running Office 2013. And please keep in mind that some other setups such as using Office
|
||||
2010 might be less stable, and sometimes may end up with a crash due to a failure in the
|
||||
CPackage::CreateTempFileName function.
|
||||
|
||||
This module will generate three files: an INF, a GIF, and a PPSX file. You are required to
|
||||
set up a SMB or Samba 3 server and host the INF and GIF there. Systems such as Ubuntu or an
|
||||
older version of Winodws (such as XP) work best for this because they require little
|
||||
configuration to get going. The PPSX file is what you should send to your target.
|
||||
|
||||
In detail, the vulnerability has to do with how the Object Packager 2 component
|
||||
(packager.dll) handles an INF file that contains malicious registry changes, which may be
|
||||
leveraged for code execution. First of all, Packager does not load the INF file directly.
|
||||
|
|
Loading…
Reference in New Issue