This exploit modifies a windows language registry key which causes some windows binaries to stick, including login which makes the session unusable. The key is in HKCU and can be modified without admin rights, but with a bypass UAC, all user sessions can be paralyzed by using reg.exe and user's NTUSER.DAT.
cebc8192e58860f9e56ac23e83917c52d657bce5533347a18906dba9296c9c96This Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.
eead6190f3debc909c6e03fa4150c29da6936794b738a1702f89596b906fc97fThis Metasploit module exploits a path traversal and a local file inclusion vulnerability on WordPress versions 5.0.0 and versions below or equal to 4.9.8. The crop-image function allows a user, with at least author privileges, to resize an image and perform a path traversal by changing the _wp_attached_file reference during the upload. The second part of the exploit will include this image in the current theme by changing the _wp_page_template attribute when creating a post. This exploit module only works for Unix-based systems currently.
bd1f2d0a7453946a4baa703e14878a8668792a590d2018556e1e736471a78c41This exploit module illustrates how a vulnerability could be exploited in an TCP server that has a parsing bug. This is an example Metasploit module to be used for exploit development.
7080c0e0772da0f83c51df64e3f6e1cc4c7d74a7c1c2265e80261599694e52d2This bug is triggered when the browser handles a JavaScript 'onLoad' handler in conjunction with an improperly initialized 'window()' JavaScript function. This exploit results in a call to an address lower than the heap. The javascript prompt() places the shellcode near where the call operand points to. The module calls prompt() multiple times in separate iframes to place our return address. The module hides the prompts in a popup window behind the main window and then it will spray the heap a second time with the shellcode and point the return address to the heap. It then uses a fairly high address to make this exploit more reliable. IE will crash when the exploit completes. Also, please note that Internet Explorer must allow popups in order to continue exploitation.
dfbe6b34adf9a6a1783c641f7329756e98c1bb69d235bba9e36f55dd9ec0f6b0This Metasploit module exploits a code execution vulnerability in the Mozilla Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit module is a direct port of Aviv Raff's HTML PoC.
b867c0785b780e6498eb0c3b8d27c20f4cec51a630404edc8bd0c545b8e1e652
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed