Microsoft Windows .NET Framework – Remote Code Execution

Exploit Database
14 阅读

作者： Voulnet

日期： 2017-09-13
类别：
- remote
平台：
- windows
来源：https://www.exploit-db.com/exploits/42711/

Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample

Running CVE-2017-8759 exploit sample.

Flow of the exploit:

Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WSDL parser log. Then the parsing log results in running mshta.exe which in turn runs a powershell commands that runs mspaint.exe

To test:

Run a webserver on port 8080, and put the files exploit.txt and cmd.hta on its root. For example python -m SimpleHTTPServer 8080

If all is good mspaint should run.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42711.zip

last Exploits
Microsoft Windows .NET Framework – Remote Code Execution的更多信息

Mozilla Firefox/Thunderbird/SeaMonkey – Multiple HTML Injection Vulnerabilities：
Cisco Data Center Network Manager – Unauthenticated Remote Code Execution (Metasploit)：
op5 7.1.9 – Configuration Command Execution (Metasploit)：
Google Android – ‘BadKernel’ Remote Code Execution：
Belkin Bulldog Plus – Web Service Buffer Overflow (Metasploit)：
Cisco Prime Infrastructure – (Unauthenticated) Remote Code Execution：
ZEN Load Balancer Filelog – Command Execution (Metasploit)：
BestSafe Browser – Man In The Middle Remote Code Execution：