Microsoft Internet Explorer 11 – Sandbox Escape

• Exploit Database
• 162 阅读

• 作者： SandboxEscaper
  日期： 2019-05-22
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/46919/
• 1 2 3 4 5 6 7 8

  Inject into IE11.   Will work on other sandboxes that allow the opening of windows filepickers through a broker.   You will gain medium IL javascript execution, at which point you simply retrigger your IE RCE bug.   EDB Note ~ Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46919.zip