exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files from Eduardo Braun Prado

Real NameEduardo Braun Prado
Email addressprivate
First Active2006-02-20
Last Active2022-06-03
View User Profile

Personal Background

"The more I research security vulnerabilities the more I want to research"


Real Player 20.1.0.312 / 20.0.3.317 DLL Hijacking
Posted Jun 3, 2022
Authored by Eduardo Braun Prado | Site github.com

The Player application and the Recording Manager of Real Player versions 20.1.0.312 and 20.0.3.317 are prone to a remote DLL hijack (binary planting) issue because of an unsafe search for non-existent DLLs. To exploit the issue attackers would have to convince the target to open a media file from a WebDAV or SMB share.

tags | exploit, remote
systems | windows
SHA-256 | cdec3264c1dfb6072227ec32f752253561a495967fe39b8f043c7c2b09f4d8af
Real Player 16.0.3.51 / Cloud 17.0.9.17 / 20.0.7.309 DCP URI Remote Code Execution
Posted Jun 1, 2022
Authored by Eduardo Braun Prado | Site github.com

Real Player versions 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from a DCP:// URI remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 8a359aeb74dfcb0d2cdf2b2a15aeb57867b10d99cfa4221cac03bafb5f4b59b9
Real Player 16.00.282 / 16.0.3.51 / Cloud 17.0.9.17 / 20.0.7.309 Remote Code Execution
Posted Jun 1, 2022
Authored by Eduardo Braun Prado | Site github.com

Real Player versions 16.00.282, 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from external::Import() arbitrary file download and directory traversal vulnerabilities that lead to remote code execution.

tags | exploit, remote, arbitrary, vulnerability, code execution
SHA-256 | 7a753f92d50706bc1d9f139def6113809aaadcafbfbef5cdd27e58334d230325
Real Player 20.0.8.310 G2 Control DoGoToURL() Remote Code Execution
Posted Jun 1, 2022
Authored by Eduardo Braun Prado | Site github.com

The G2 Control component in Real Player version 20.0.8.310 suffer from remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 2438a58c4359d3d36d6496e285234087a41157c56bb4df448e56f6cbb9ebd664
7-Zip 16 DLL Hijacking
Posted Apr 20, 2022
Authored by Eduardo Braun Prado

7-Zip versions 16 and below, and possibly other software that utilizes the HTML Help System to display help content to the user, are prone to a remote DLL hijacking issue which leads to arbitrary code execution due to an OS issue.

tags | exploit, remote, arbitrary, code execution
systems | windows
SHA-256 | 8c60536ca33b8fdb99ab41432c7cbf8cf1095fba9f29c3616248979fbdc94e58
Windows Explorer Preview Pane HTML File Link Spoofing
Posted Dec 28, 2021
Authored by Eduardo Braun Prado

The Windows Explorer Preview Pane feature allows for spoofing of links contained in an HTML based file because upon moving the mouse over the link nothing happens and it cannot be right-clicked to show the actual target.

tags | exploit, spoof
systems | windows
SHA-256 | 1275b5aeba88545381a682189becb0cad4288ce1bb6d7f8098c04512d9cff739
Microsoft Windows Explorer Preview Pane Security Bypass
Posted Dec 28, 2021
Authored by Eduardo Braun Prado

Previewing a WMA/WMV media format on Windows Explorer through its Preview Pane causes embedded URLs to be automatically opened in the default browser without displaying any prompt.

tags | exploit
systems | windows
SHA-256 | 98dcb4f9d45ba81e279bbac6bb698eabf35adbe152670fa610b74e3e1a69a142
Microsoft Office OneNote 2007 Remote Code Execution
Posted Oct 6, 2021
Authored by Eduardo Braun Prado

Microsoft Office OneNote 2007 proof of concept exploit for a OnePKG file parsing remote code execution vulnerability. Upon decompressing files from .ONEPKG archives (using MS CAB format), a failure to sanitize file paths and file contents allows for arbitrary file planting in arbitrary locations on the OS, including the startup folder.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2014-2815
SHA-256 | a2e1f0872cb6d8139581f87f3c37e90d1829d74bca8d610a3d0ffadd03dd7e9d
Microsoft Windows MSHTML Overview
Posted Sep 20, 2021
Authored by Eduardo Braun Prado

This article discusses the CVE-2021-40444 vulnerability and an alternative path that reduces the lines of JS code to trigger the issue and does not require CAB archives.

tags | exploit
advisories | CVE-2021-40444
SHA-256 | 78527c30f8b16f6de1e16c3cf93b1aaa4506bde934637509d7046e6e1fd8681b
Microsoft Windows Theme API File Parsing
Posted Jan 21, 2020
Authored by Eduardo Braun Prado

This is a proof of concept for CVE-2018-8413 where the Microsoft Windows Theme API had a file parsing vulnerability.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2018-8413
SHA-256 | 151f82e511c984cae8aeb3b7d347316ee62dc83304eec3e377f5c727cc699462
Microsoft Windows Media Center .wmv Security Bypass / Code Execution
Posted Jan 21, 2020
Authored by Eduardo Braun Prado

Microsoft Windows Media Center is affected by an issue that allows malicious people to bypass the current security standards. The issue can be exploited through specially crafted wma or wmv file containing a script instruction called URL.

tags | exploit
systems | windows
SHA-256 | bdbb912cef1c9624249cb0cf3de58b254d52d33e00f68c53ac08d7311724c5a6
Microsoft Teams Instant Messenger DLL Hijacking
Posted Dec 16, 2019
Authored by Eduardo Braun Prado

Microsoft Teams Instant Messenger application on Windows 7 SP1 fully patched is vulnerable to remote DLL hijacking.

tags | exploit, remote
systems | windows
SHA-256 | 9057cc8a06f30ebf22536c568a2e34c2b876d0f6a33df1186560be4655d19284
Microsoft Windows Internet Settings Security Feature Bypass
Posted Sep 17, 2019
Authored by Eduardo Braun Prado

Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.

tags | exploit, x86, bypass
systems | windows
SHA-256 | 9e2781775184712bdc9ab152e47752736b9f68280b44bb86504561c48b892cc8
Microsoft Windows MSHTML Engine Edit Remote Code Execution
Posted Mar 13, 2019
Authored by Eduardo Braun Prado

The Microsoft Windows MSHTML Engine is prone to a vulnerability that allows attackers to execute arbitrary code on vulnerable systems because of improper validation of specially crafted web documents (html, xhtml, etc).

tags | exploit, web, arbitrary
systems | windows
advisories | CVE-2019-0541
SHA-256 | ab5af5e8f64bc27b15f7abba3e3a185f5867494093ea8fa6b49efd6810bc7bfa
Microsoft Windows VCF Arbitrary Code Execution
Posted Jan 22, 2019
Authored by Eduardo Braun Prado, hyp3rlinx

Microsoft Windows VCF or Contact file URL manipulation arbitrary code execution proof of concept exploit. Tested on Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.

tags | exploit, arbitrary, x86, code execution, proof of concept
systems | windows
SHA-256 | 4bab944a0b17daf7f0d90da83593812093fe9831c9e83e778ca90dee2aeb3463
Mozilla Firefox Picture Drag And Drop Security Bypass
Posted Oct 13, 2018
Authored by Eduardo Braun Prado

Proof of concept exploit for a Mozilla Firefox picture drag and drop security bypass vulnerability. Tested on versions 3.6.10 up to 62.0.3. Password to decompress this archive is ff2018.

tags | exploit, proof of concept, bypass
SHA-256 | d8adc87e2372c6e9fddf9c6d1a3efb95f9935a86210876bc7211efbe9f98a25e
Microsoft Windows SCF File Feature Bypass
Posted Aug 6, 2018
Authored by Eduardo Braun Prado

Microsoft Windows suffers from an SCF open file security warning feature bypass vulnerability.

tags | exploit, bypass
systems | windows
SHA-256 | 958717cd8872e33b9b2a3c4b625a8d892418f613f8faacd62f3dfc64af556111
Microsoft Windows ADODB.Record Object File Overwrite
Posted Jun 29, 2018
Authored by Eduardo Braun Prado

Microsoft Windows suffers from an ADODB.Record object file overwrite vulnerability. The password for the proof of concept zip is adorecord.

tags | exploit, proof of concept
systems | windows
SHA-256 | fa5ba9f3b0a03d61eb7be0c60781151047f183df16df52d8cab904fdcd2cc159
Microsoft Internet Explorer HTML Help Control 4.74 Bypass
Posted Jun 26, 2018
Authored by Eduardo Braun Prado

Microsoft Internet Explorer HTML Help Control version 4.74 local zone bypass exploit. Proof of concept code for an ancient vulnerability.

tags | exploit, local, proof of concept, bypass
advisories | CVE-2004-1043
SHA-256 | 7901eefcb2e2143481c3b0627e4f0d79c45b046af2b80d84196dc6c15a0701af
Microsoft Windows Paint Security Feature Bypass / Unsafe File Creation
Posted May 25, 2018
Authored by Eduardo Braun Prado

Microsoft Windows Paint suffers from security feature bypass and unsafe file creation vulnerabilities.

tags | exploit, vulnerability
systems | windows
SHA-256 | e6fef4e0b9ef146905d8a071b3b29604250562d956ddbfa3221083d5aa8a09c9
Microsoft Office 2007 Groove Security Bypass / Code Execution
Posted Oct 1, 2017
Authored by Eduardo Braun Prado

Microsoft Office 2007 Groove contains a security bypass issue regarding 'Workspace Shortcut' files (.GLK) because it allows arbitrary (registered) URL Protocols to be passed, when only 'grooveTelespace://' URLs should be allowed, which allows execution of arbitrary code upon opening a 'GLK' file.

tags | exploit, arbitrary, protocol, bypass
SHA-256 | 71de481eab5ab157ddf6152307b61745802702034930be3131e198e2871ee02f
Microsoft Excel Remote Code Execution
Posted Oct 1, 2017
Authored by Eduardo Braun Prado

Microsoft Excel contains a remote code execution vulnerability upon processing OLE objects. Versions 2007, 2010, 2013, and 2016 are affected on both architectures.

tags | exploit, remote, code execution
advisories | CVE-2017-0199
SHA-256 | 392bd639166e0212b119a8558394e917be8f6bb220eb43af93908f49838cb4c8
Microsoft Office 2007 Word Information Disclosure
Posted Oct 1, 2017
Authored by Eduardo Braun Prado

Microsoft Office 2007 Word suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | c9b6bb05b51dd531cede6d08c5bfdad7704a05145db11d28203d5380ae3673b9
Microsoft Word Local Machine Zone Remote Code Execution
Posted Jul 21, 2015
Authored by Eduardo Braun Prado

Microsoft Word, Excel, and Powerpoint 2007 contain a remote code execution vulnerability because it is possible to reference documents such as Works document (.wps) as HTML. It will process HTML and script code in the context of the local machine zone of Internet Explorer which leads to arbitrary code execution. By persuading users into opening eg. specially crafted .WPS, ".doc ", ".RTF " (with a space at the end) it is possible to trigger the vulnerability and run arbitrary code in the context of the logged on Windows user. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

tags | exploit, remote, arbitrary, local, code execution
systems | windows
advisories | CVE-2015-0097
SHA-256 | 80524257f08622d540b1f1a756c7449341987c8dd9213ef86ba1e8b6a1038bf6
Microsoft Windows Help / Support Center DoS / Overflow
Posted Apr 7, 2014
Authored by Eduardo Braun Prado

Microsoft Windows Help and Support Center contains multiple vulnerabilities that can be exploited by attackers to run arbitrary code when a drag and drop operation is performed on a webpage, cause a buffer overrun condition, and Denial of Service (DOS). Proof of concept code included.

tags | exploit, denial of service, overflow, arbitrary, vulnerability, proof of concept
systems | windows
SHA-256 | cc111b1430c4133bf0687641eb7cc07665dae44f35945c0b99ba586fc437fef5
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close