Exploit the possiblities
Showing 1 - 25 of 182 RSS Feed

Operating System: Windows 7

Apple Security Advisory 2017-10-31-7
Posted Nov 1, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-10-31-7 - iCloud for Windows 7.1 is now available and addresses multiple code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788, CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794, CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802, CVE-2017-13803
MD5 | 26891f75fd57c0122ac654f4a17c984c
Apple Security Advisory 2017-09-25-2
Posted Sep 28, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-25-2 - iCloud for Windows 7 is now available and addresses memory corruption, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7106, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7127
MD5 | 4e44e4b681ebf9ba18ffaf6ae1da2982
Demystifying Windows Kernel Exploitation By Abusing GDI Objects
Posted Aug 8, 2017
Site sensepost.com

Demystifying Windows Kernel Exploitation by Abusing GDI Objects. This has the Windows 7 SP1 x86 exploit demonstrated at Defcon 25.

tags | exploit, x86, kernel
systems | windows, 7
MD5 | 52d4377ede9d242df50d7a38f59a4d4d
Metasploit RPC Console Command Execution
Posted Jul 22, 2017
Authored by Brendan Coles | Site metasploit.com

This Metasploit module connects to a specified Metasploit RPC server and uses the 'console.write' procedure to execute operating system commands. Valid credentials are required to access the RPC interface. This Metasploit module has been tested successfully on Metasploit 4.15 on Kali 1.0.6; Metasploit 4.14 on Kali 2017.1; and Metasploit 4.14 on Windows 7 SP1.

tags | exploit
systems | windows, 7
MD5 | b76c5685a0298b752e8aaaf4f214e190
Microsoft Windows 7 SP1 x86 GDI Palette Objects Local Privilege Escalation
Posted Jul 19, 2017
Authored by Saif

Microsoft Windows 7 SP1 x86 GDI palette objects local privilege escalation exploit that leverages the vulnerability as described in MS17-017.

tags | exploit, x86, local
systems | windows, 7
MD5 | ab4d0df9332bcf2c1c566cf56cc2b9ab
Microsoft Internet Explorer 11 CMarkup::DestroySplayTree Memory Corruption
Posted Jul 18, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Internet Explorer suffers from a memory corruption vulnerability in CMarkup::DestroySplayTree. The bug was confirmed on IE version 11.0.9600.18617 (Update version 11.0.40) running on Windows 7 64-bit.

tags | exploit
systems | windows, 7
advisories | CVE-2017-8594
MD5 | cdc2215843df74b066e451921f6fea5c
EternalBlue Exploit Analysis And Port To Microsoft Windows 10
Posted Jun 7, 2017
Authored by Sean Dillon, Dylan Davis

On April 14, 2017, the Shadow Brokers Group released the FUZZBUNCH framework, an exploitation toolkit for Microsoft Windows. The toolkit was allegedly written by the Equation Group, a highly sophisticated threat actor suspected of being tied to the United States National Security Agency (NSA). The framework included ETERNALBLUE, a remote kernel exploit originally targeting the Server Message Block (SMB) service on Microsoft Windows XP (Server 2003) and Microsoft Windows 7 (Server 2008 R2). In this paper, the RiskSense Cyber Security Research team analyzes how using wrong-sized CPU registers leads to a seemingly innocuous mathematical miscalculation. This causes a chain reaction domino effect ultimately culminating in code execution, making ETERNALBLUE one of the most complex exploits ever written. They will discuss what was necessary to port the exploit to Microsoft Windows 10, and future mitigations Microsoft has already deployed, which can prevent vulnerabilities of this class from being exploited in the future. The FUZZBUNCH version of the exploit contains an Address Space Layout Randomization (ASLR) bypass, and the Microsoft Windows 10 version required an additional Data Execution Prevention (DEP) bypass not needed in the original exploit.

tags | paper, remote, kernel, vulnerability, code execution
systems | windows, xp, 7
MD5 | 0e04e472a5f9e98389f5f1e13ec2bf50
VX Search Enterprise GET Buffer Overflow
Posted May 23, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | d253f613c50ab1d748ea4f581c269908
Sync Breeze Enterprise GET Buffer Overflow
Posted May 20, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | f3556ba8acc91d809655f9aaf8017697
Microsoft Windows 7/2008 R2 x64 EternalBlue Remote Code Execution
Posted May 20, 2017
Authored by sleepya

Microsoft Windows 7/2008 R2 x64 EternalBlue SMB remote code execution exploit that leverages MS17-010.

tags | exploit, remote, code execution
systems | windows, 7
advisories | CVE-2017-0144
MD5 | 376497a061ce1620c9f18e1a8d725067
Dup Scout Enterprise 9.5.14 Buffer Overflow
Posted May 17, 2017
Authored by Daniel Teixeira, vportal | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Dup Scout Enterprise v9.5.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | 56aad3822c1d8c83c5c90f04a016891e
Serviio Media Server checkStreamUrl Command Execution
Posted May 17, 2017
Authored by LiquidWorm, Brendan Coles | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service (on port 23423 by default) exposes a REST API which which does not require authentication. The 'action' API endpoint does not sufficiently sanitize user-supplied data in the 'VIDEO' parameter of the 'checkStreamUrl' method. This parameter is used in a call to cmd.exe resulting in execution of arbitrary commands. This Metasploit module has been tested successfully on Serviio Media Server versions 1.4.0, 1.5.0, 1.6.0 and 1.8.0 on Windows 7.

tags | exploit, remote, arbitrary
systems | windows, 7
advisories | OSVDB-41961
MD5 | ab1da9f50ece75772d5c07e501778759
Disk Sorter Enterprise 9.5.12 GET Buffer Overflow
Posted Apr 24, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | d0efa18e6955b9b943952b0d59267c45
How To Exploit EternalBlue And DoublePulsar Spanish Version
Posted Apr 20, 2017
Authored by Sheila A. Berta

Whitepaper explaining how to exploit EternalBlue and DoublePulsar to get an empire/meterpreter session on Windows 7 and 2008. Spanish version of this paper.

tags | paper
systems | windows, 7
MD5 | 6074d8aecbb5bfe4f10b3186617d1b5b
How To Exploit EternalBlue And DoublePulsar English Version
Posted Apr 20, 2017
Authored by Sheila A. Berta

Whitepaper explaining how to exploit EternalBlue and DoublePulsar to get an empire/meterpreter session on Windows 7 and 2008. English version of this paper.

tags | paper
systems | windows, 7
MD5 | 9923b32818775889684c2df610bb45d5
Microsoft Office Powerpoint 2010 MSO/OART Heap Out-Of-Bounds Access
Posted Feb 18, 2017
Authored by Google Security Research, scvitti

Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap out-of-bounds access issue that leads to a memory corruption condition.

tags | exploit, x86
systems | windows, 7
MD5 | ca1c82365cc2a1b575eafd2a2e538109
Microsoft Office 2010 MSO!Ordinal5429 Heap Corruption
Posted Feb 18, 2017
Authored by Google Security Research, scvitti

Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap corruption issue due to a missing length check.

tags | exploit, x86
systems | windows, 7
MD5 | ceb97370c320f4b5f667b446d895a4c1
DiskSavvy Enterprise 9.1.14 / 9.3.14 GET Buffer Overflow
Posted Jan 21, 2017
Authored by Gabor Seljan, vportal | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise versions 9.1.14 and 9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

tags | exploit, web, overflow
systems | windows, xp, 7
MD5 | 244612d591613e9d47ec88b520093be6
DiskBoss Enterprise GET Buffer Overflow
Posted Jan 14, 2017
Authored by Gabor Seljan, vportal | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12 and v7.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

tags | exploit, web, overflow
systems | windows, xp, 7
MD5 | 43c8243a64168ab1500c84e69d75b506
Microsoft Windows Type 1 Font Processing Privilege Escalation
Posted Dec 15, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the win32k.sys when processing Type 1 fonts, which can be exploited to trigger a NULL pointer dereference and subsequently cause a kernel crash or gain elevated privileges via a specially crafted PFB font. The vulnerability is confirmed on a fully patched Windows 7 Professional (win32k.sys version 6.1.7601.23545).

tags | advisory, denial of service, kernel, local
systems | windows, 7
advisories | CVE-2016-7259
MD5 | feffd2a6827fd6748079e32126b68294
Windows Capcom.sys Kernel Execution Exploit (x64 only)
Posted Oct 3, 2016
Authored by OJ Reeves, TheWack0lian | Site metasploit.com

This Metasploit module abuses the Capcom.sys kernel driver's function that allows for an arbitrary function to be executed in the kernel from user land. This function purposely disables SMEP prior to invoking a function given by the caller. This has been tested on Windows 7 x64.

tags | exploit, arbitrary, kernel
systems | windows, 7
MD5 | 2fe53284a42eaf97cc8143bd7230cf49
Microsoft Windows 7 Group Policy Privilege Escalation
Posted Aug 8, 2016
Authored by Nabeel Ahmed

Microsoft Windows 7 (x32/x64) suffers from a group policy privilege escalation vulnerability as described in MS16-072.

tags | exploit
systems | windows, 7
MD5 | d6f8174782399c57519b9e9ff862ec45
Windows 7/x86 localhost Port Scanner Shellcode
Posted Aug 2, 2016
Authored by Roziul Hasan Khan Shifat

556 bytes large Windows 7/x86 localhost port scanner shellcode.

tags | x86, shellcode
systems | windows, 7
MD5 | 365e00e93798bfa17b0e6db32cefec9e
MS16-032 Secondary Logon Handle Privilege Escalation
Posted Jul 12, 2016
Authored by b33f, James Forshaw, khr0x40sh | Site metasploit.com

This Metasploit module exploits the lack of sanitization of standard handles in Windows' Secondary Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12 32 and 64 bit. This Metasploit module will only work against those versions of Windows with Powershell 2.0 or later and systems with two or more CPU cores.

tags | exploit
systems | windows, 7
advisories | CVE-2016-0099
MD5 | 37a34759947c810455938c65ab482084
Windows 7 SP1 x86 Privilege Escalation
Posted Jun 30, 2016
Authored by blomster81

Windows 7 SP1 x86 privilege escalation exploit that leverages the issue documented in MS16-014.

tags | exploit, x86
systems | windows, 7
advisories | CVE-2016-0400
MD5 | 74a7278c257d49aa95bce167963b335c
Page 1 of 8
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    1 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close