Showing 26 - 31 of 31

Files from Eduardo Braun Prado

Personal Background

"The more I research security vulnerabilities the more I want to research"

Microsoft Windows Help HLP File Loading Hijack: Posted Apr 7, 2014; Authored by Eduardo Braun Prado; Microsoft Windows Help (Winhlp32) contains an HLP file loading hijack vulnerability because programs that invokes help from HLP files passes relative paths, causing it to load HLP files from the directory in which it was started, if they exist. Proof of concept code included.; tags | exploit, proof of concept; systems | windows; SHA-256 | 555250bab20bf8be89a3b9e62da9fd89d8bfae7044864dbc0df99dbc189d1d0e; Download | Favorite | View

MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution: Posted Sep 20, 2013; Authored by juan vazquez, Eduardo Braun Prado | Site metasploit.com; This Metasploit module exploits a vulnerability mainly affecting Microsoft Windows XP and Windows 2003. The vulnerability exists in the handling of the Screen Saver path, in the [boot] section. An arbitrary path can be used as screen saver, including a remote SMB resource, which allows for remote code execution when a malicious .theme file is opened, and the "Screen Saver" tab is viewed.; tags | exploit, remote, arbitrary, code execution; systems | windows; advisories | CVE-2013-0810, OSVDB-97136; SHA-256 | 29aaf07dcb5542222f7a271a446b80f5ab4686dc9025e8ce1f3c8d7045454193; Download | Favorite | View

Microsoft Windows 98/ME/2000/XP/2003 HTML Help File Hijack: Posted Jul 5, 2013; Authored by Luigi Auriemma, Eduardo Braun Prado; Multiple Microsoft Windows 98/ME/2000/XP/2003 HTML Help file loading hijack vulnerabilities exist. Proof of concept included.; tags | exploit, vulnerability, proof of concept; systems | linux, windows; SHA-256 | 84465488b511cd9a9bc47e5238c9e17dffafd6132f7761481d27a835c68d1123; Download | Favorite | View

First Remote Code Execution Vulnerablity Affecting Microsoft Notepad: Posted Mar 10, 2010; Authored by Eduardo Braun Prado | Site secumania.net; The MS HTML Help control activex is prone to a remote CHM help file hijack vulnerability when applications invoke help. Multiple built-in applications are vulnerable to this. The impact of the vulnerability is the loading of the incorrect CHM help file when it resides in the same directory the application invoking help starts in. This proof of concept exploit leverages Notepad to demonstrate the vulnerability.; tags | exploit, remote, activex, proof of concept; SHA-256 | d554dfbaf395542e7dbce75391389ccf6d9ee1129f374497120bd915602e661e; Download | Favorite | View

xpFireConvince.txt: Posted Apr 1, 2006; Authored by Eduardo Braun Prado; By naming a file without a name, the Windows XP firewall may inadvertently trick a user into allowing a malicious application to run.; tags | advisory; systems | windows; SHA-256 | cad8f6954428ca2eddfad293271e4550156b0d16a95b58c6520d7938abb972b8; Download | Favorite | View

MirabilizICQ.txt: Posted Feb 20, 2006; Authored by Eduardo Braun Prado; A bug in Mirabiliz ICQ could allow an attacker to trick users into executing files inside an uploaded directory.; tags | advisory; SHA-256 | 10228c07178e00f18f25f0c83f9b4267a5e75001f5907b2cb5739f6183a36609; Download | Favorite | View

Page 2 of 2 Back 1 2 Next