Microsoft Skype 7.2 / 7.35 / 7.36 Buffer Overflow

2017-06-26T00:00:00
ID PACKETSTORM:143143
Type packetstorm
Reporter Benjamin Kunz Mejri
Modified 2017-06-26T00:00:00

Description

                                        
                                            `Document Title:  
===============  
Microsoft Skype v7.2, v7.35 & v7.36 - Stack Buffer Overflow Vulnerability  
  
  
References (Source):  
====================  
https://www.vulnerability-lab.com/get_content.php?id=2071  
  
MSRC ID: 38778   
TRK ID: 0461000724  
  
Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2017/05/28/stack-buffer-overflow-zero-day-vulnerability-uncovered-microsoft-skype-v72-v735  
  
Video: https://www.vulnerability-lab.com/get_content.php?id=2084  
  
  
Release Date:  
=============  
2017-06-26  
  
  
Vulnerability Laboratory ID (VL-ID):  
====================================  
2071  
  
  
Common Vulnerability Scoring System:  
====================================  
7.2  
  
  
Vulnerability Class:  
====================  
Buffer Overflow  
  
  
Current Estimated Price:  
========================  
25.000a! - 35.000a!  
  
  
Product & Service Introduction:  
===============================  
Skype is an instant messaging app that provides online text message and video chat services. Users may transmit both text and video messages   
and may exchange digital documents such as images, text, and video. Skype allows video conference calls. Skype allows users to communicate   
over the Internet by voice using a microphone, by video using a webcam, and by instant messaging. Skype-to-Skype calls to other users are   
free of charge, while calls to landline telephones and mobile phones (over traditional telephone networks) are charged via a debit-based   
user account system called Skype Credit. Some network administrators have banned Skype on corporate, government, home, and education networks,  
citing such reasons as inappropriate usage of resources, excessive bandwidth usage and security concerns. Skype originally featured a hybrid   
peer-to-peer and clientaserver system. Skype has been powered entirely by Microsoft-operated supernodes since May 2012.   
  
(Copy of the Homepage: https://en.wikipedia.org/wiki/Skype )  
  
  
Abstract Advisory Information:  
==============================  
The vulnerability laboratory core research team discovered a stack buffer overflow vulnerability in the official Microsoft Skype v7.2, v7.3.5.103 & v7.3.6 software.  
  
  
Vulnerability Disclosure Timeline:  
==================================  
2017-05-16: Researcher Notification & Coordination (Benjamin Kunz Mejri)  
2017-05-17: Vendor Notification (Microsoft Security Response Center - MSRC)  
2017-05-24: Vendor Response/Feedback (Microsoft Security Response Center - MSRC)  
2017-06-08: Vendor Fix/Patch (Microsoft Service Developer Team)  
2017-06-25: Security Acknowledgements (Microsoft Security Response Center - MSRC)  
2017-06-26: Public Disclosure (Vulnerability Laboratory)  
  
  
Discovery Status:  
=================  
Published  
  
  
Affected Product(s):  
====================  
Microsoft Corporation  
Product: Skype - Software Client 7.2, 7.35.103 & 7.36.0.101 & 7.36.0.150  
  
  
Exploitation Technique:  
=======================  
Local  
  
  
Severity Level:  
===============  
High  
  
  
Technical Details & Description:  
================================  
A remote and local stack buffer overflow vulnerability has been discovered in the official Microsoft Skype v7.2, v7.3.5 & v7.3.6 software client.  
The security vulnerability allows to crash the software application with an unexpected exception error, to overwrite the active process registers   
to execute own malcious codes.  
  
The skype software is using a dll in case of a copy request on the local systen. We place a picture in our clipboard (we take a screenshot in this example),   
this needs to be copied from a remote desktop system. This can be pasted into the local skype message box, by the paste function. Then the picture is taken   
from the clipboard (which is the rdp remote clipboard content) and successfully copies it into the message box.  
  
The security vulnerability is located in the `clipboard format` function of the skype software. Attackers are able to use a remote computer system with a   
shared clipboard, to provoke a stack buffer overflow on transmittion to skype. The issue affects the `MSFTEDIT.DLL` dynamic link library of the windows8 (x86)   
operating system. The limitation of the transmitted size and count for images via print of the remote session clipboard has no secure limitations or restrictions.   
Attackers are able to crash the software with one request to overwrite the eip register of the active software process. Thus allows local or remote attackers to   
execute own codes on the affected and connected computer systems via the skype software.  
  
The attacker opens a local computer system connection and establishes a RDP connection to another system. First the attacker enables the clipboard function for   
the remote session. This is possible by the basic rdp settings in the `Local Devices & Resources settings. Then the attacker moves with a click into the rdp session   
window and pushes the print key. A screenshot is made of the remote session, that is loaded to the local system cache of the first computer system that the attacker uses.   
Then the attacker moves back to the local system into the conversation of skype and copypastes the screenshot of the clipboard (print) to the message body. A clipboard   
error occurs because of the unknown format size and the software crashs with several uncaught access violations or unfiltered exceptions for both parties. The software is   
not terminated and allows to read every dll error by line with offset.   
  
The error and critical crashs are captured by the software internal dev log called gilasterr.log file. The gilasterr.log file captures internal information of the software   
in case of critical errors for the skype developer teams. During the exploitation process the gilasterr.log file captured the loop crashs and overwrite of the eip register   
as reference. The active offsets allowed us to define a new address to compromise the targeted local or remote computer system.  
  
In a software update of the v7.2, v7.3.5 & v7.3.6 version of skype, a limitation has been implemented for the clipboard function. Due to the implementation, a   
misconfiguration was included by the developers. The cut function allows to paste the image in raw format back to the message box. After the limitation was implemented   
for the pasted image counts and for the byte size of the clipboard, the attacker is still able to exploit the issue. Therefore an attacker uses the developer flaw that   
should fix the new zero-day vulnerability. The attacker copies the content via remote session of the clipboard via cache, then he uses the cut ability of skype with the   
context menu and repaste the input again. After that the images are getting transfered in raw format as text value of the skype code [image] by repasting them to the message   
box query, the vulnerability can be triggered again and the limiation of size and count is bypassed.  
  
The successful attack scenario is not limited to manual exploitation only. Attackers can locally prepare the cache and clipboard of a computersystem to exploit the connected   
remote party computer system using skype.  
  
The security risk of the skype vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 7.2. Exploitation of the buffer overflow software   
vulnerability requires no user interaction and only a low privilege skype user account. Successful exploitation of the buffer overflow vulnerability results in system and process   
compromise by an overwrite of the registers.  
  
Vulnerable Software Client(s):  
[+] Microsoft Skype v7.3.6  
[+] Microsoft Skype v7.3.5.103  
[+] Microsoft Skype v7.2  
  
Vulnerable Function(s):  
[+] clipboard (remote session)  
  
Affected Library:  
[+] MSFTEDIT.DLL  
  
  
Proof of Concept (PoC):  
=======================  
The buffer overflow vulnerability can be exploited by local and remote attackers without user interaction and with low privileged skype user account.  
For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.  
  
  
Manual steps to reproduce the vulnerability ...  
1. Install Skype to your windows xp, windows 7 or windows 8 computer system  
2. Add a first test contact and use another computer to connect to ip (separate ip and connection)  
3. Accept the add request for further communication to both accounts  
4. Now, the attacker opens for example a remote desktop session to another system of the first computer for reproduce  
Note: Activate in the RDP session the clipboard for copy to share with the local connected computer system  
5. Connect via RDP to the new computer system  
6. Use the print button to make a screenhot  
Note: The data is stored in the cache because of the transmit to the other system  
7. Move now back to the regular system without closing the rdp connection  
8. Copy the cipboard content inside of the message box  
Note: In some cases this already causes the main crash but sometimes the message needs to be delivered to crash on interaction  
9. The software crashs and the connected client as well several uncaught and unexpected or unknown errors occur  
Note: At that point the attacker is able to overwrite the register of the software process to gain higher privileges  
10. Successful reproduce of the buffer overflow vulnerability in the skype software!  
  
  
Note: The rdp software allows to use the clipboard function to transmit data to the local system. In case of a transmittion via skype by a copy   
of the local system screen via the print key, it is possible to finally exploit the vulnerability. The replace of the screen via print to transmit   
for example large unicode payloads works as well.  
  
  
--- Debug Logs (WinDBG on Windows XP, Windows 7 & Windows 8) ---  
0:000> g  
(f2c.1638): Unknown exception - code 000006a6 (first chance)  
(f2c.1c18): Unknown exception - code 000006a6 (first chance)  
(f2c.1ed4): Unknown exception - code 000006a6 (first chance)  
(f2c.1e80): Unknown exception - code 000006a6 (first chance)  
(f2c.1c18): Unknown exception - code 000006a6 (first chance)  
(f2c.1ed4): Unknown exception - code 000006a6 (first chance)  
(f2c.16dc): Access violation - code c0000005 (first chance)  
First chance exceptions are reported before any exception handling.  
This exception may be expected and handled.  
eax=644a1801 ebx=12544290 ecx=644a1801 edx=12544278 esi=12544278 edi=0018f394  
eip=00410041 esp=0018dc64 ebp=0018dc7c iopl=0 nv up ei pl nz na po nc  
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210202  
MSFTEDIT!CreateTextServices+0x28a51:  
00410041 8b30 mov esi,dword ptr [eax] ds:002b:644a1801=????????  
0:000> g  
(f2c.16dc): Access violation - code c0000005 (first chance)  
First chance exceptions are reported before any exception handling.  
This exception may be expected and handled.  
eax=644a1801 ebx=12544290 ecx=644a1801 edx=12544278 esi=12544278 edi=0018f394  
eip=00410041 esp=0018dee4 ebp=0018defc iopl=0 nv up ei pl nz na po nc  
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210202  
MSFTEDIT!CreateTextServices+0x28a51:  
00410041 8b30 mov esi,dword ptr [eax] ds:002b:644a1801=????????  
0:000> g  
(f2c.1ed4): Unknown exception - code 000006a6 (first chance)  
(f2c.10b8): Unknown exception - code 000006a6 (first chance)  
(f2c.1ed4): Unknown exception - code 000006a6 (first chance)  
(f2c.16dc): Access violation - code c0000005 (first chance)  
First chance exceptions are reported before any exception handling.  
This exception may be expected and handled.  
eax=644a1801 ebx=12544290 ecx=644a1801 edx=12544278 esi=12544278 edi=0018f394  
eip=00410041 esp=0018dc64 ebp=0018dc7c iopl=0 nv up ei pl nz na po nc  
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210202  
MSFTEDIT!CreateTextServices+0x28a51:  
00410041 8b30 mov esi,dword ptr [eax] ds:002b:644a1801=????????  
0:000> u  
MSFTEDIT!CreateTextServices+0x28a51:  
00410041 8b30 mov esi,dword ptr [eax]  
644a1803 8bce mov ecx,esi  
644a1805 ff1560056864 call dword ptr [MSFTEDIT!DllGetActivationFactory+0x75dc0 (64680560)]  
644a180b 8bcf mov ecx,edi  
644a180d ffd6 call esi  
644a180f 8b7f04 mov edi,dword ptr [edi+4]  
644a1812 85ff test edi,edi  
644a1814 75e9 jne MSFTEDIT!CreateTextServices+0x28a4f (644a17ff)  
0:000> a  
... ...  
Skype.exe.1268.dmp  
Skype.exe.2664.dmp  
Skype.exe.3884.dmp  
Skype.exe.6356.dmp  
  
  
--- Error Event Log Report 1 ---  
Version=1  
EventType=APPCRASH  
EventTime=131394846005041388  
ReportType=2  
Consent=1  
UploadTime=131394846005945068  
ReportIdentifier=cf151af6-3add-11e7-bee5-54bef733d5e7  
IntegratorReportIdentifier=cf151af5-3add-11e7-bee5-54bef733d5e7  
WOW64=1  
NsAppName=Skype.exe  
Response.BucketId=c2eafb48595741113993cb3466b3a4a1  
Response.BucketTable=1  
Response.LegacyBucketId=108904300980  
Response.type=4  
Sig[0].Name=Anwendungsname  
Sig[0].Value=Skype.exe  
Sig[1].Name=Anwendungsversion  
Sig[1].Value=7.35.0.103  
Sig[2].Name=Anwendungszeitstempel  
Sig[2].Value=590bd88a  
Sig[3].Name=Fehlermodulname  
Sig[3].Value=MSFTEDIT.DLL  
Sig[4].Name=Fehlermodulversion  
Sig[4].Value=6.3.9600.17809  
Sig[5].Name=Fehlermodulzeitstempel  
Sig[5].Value=00410041  
Sig[6].Name=Ausnahmecode  
Sig[6].Value=c0000005  
Sig[7].Name=Ausnahmeoffset  
Sig[7].Value=00051801  
DynamicSig[1].Name=Betriebsystemversion  
DynamicSig[1].Value=6.3.9600.2.0.0.256.48  
DynamicSig[2].Name=Gebietsschema-ID  
DynamicSig[2].Value=1031  
DynamicSig[22].Name=Zusatzinformation 1  
DynamicSig[22].Value=1f9b  
DynamicSig[23].Name=Zusatzinformation 2  
DynamicSig[23].Value=1f9b679267db3137e0d85677258ac18f  
DynamicSig[24].Name=Zusatzinformation 3  
DynamicSig[24].Value=44fa  
DynamicSig[25].Name=Zusatzinformation 4  
DynamicSig[25].Value=44fa6b7c31aef8e30a35cae18ad80d90  
UI[2]=C:Program Files (x86)SkypePhoneSkype.exe  
UI[3]=Skype funktioniert nicht mehr  
UI[4]=Windows kann online nach einer LAPsung fA1/4r das Problem suchen.  
UI[5]=Online nach einer LAPsung suchen und das Programm schlieAen  
UI[6]=SpA$?ter online nach einer LAPsung suchen und das Programm schlieAen  
UI[7]=Programm schlieAen  
LoadedModule[0]=C:Program Files (x86)SkypePhoneSkype.exe  
... ...  
LoadedModule[177]=C:WINDOWSSystem32WMICLNT.dll  
LoadedModule[178]=C:WINDOWSsystem32WinSATAPI.dll  
LoadedModule[179]=C:WindowsSYSTEM32DDRAW.dll  
LoadedModule[180]=C:WindowsSYSTEM32DCIMAN32.dll  
LoadedModule[181]=C:WINDOWSSYSTEM32D3DIM700.DLL  
LoadedModule[182]=C:WINDOWSSYSTEM32mscms.dll  
State[0].Key=Transport.DoneStage1  
State[0].Value=1  
FriendlyEventName=Nicht mehr funktionsfA$?hig  
ConsentKey=APPCRASH  
AppName=Skype  
AppPath=C:Program Files (x86)SkypePhoneSkype.exe  
NsPartner=windows  
NsGroup=windows8  
ApplicationIdentity=AF2AEB27CB57FBBCA1932A8772681FD2  
... ...  
AppCrash_Skype.exe_edbcbb2855eebf494ff386f9eb88be5024b684c0_ce2586b7_09536479  
AppCrash_Skype.exe_edbcbb2855eebf494ff386f9eb88be5024b684c0_ce2586b7_162337b5  
  
  
--- Error Event Log Report 2 ---  
Version=1  
EventType=APPCRASH  
EventTime=131394774156792772  
ReportType=2  
Consent=1  
UploadTime=131394774157463380  
ReportIdentifier=1493f024-3acd-11e7-bee5-54bef733d5e7  
IntegratorReportIdentifier=1493f023-3acd-11e7-bee5-54bef733d5e7  
WOW64=1  
NsAppName=Skype.exe  
Response.BucketId=c2eafb48595741113993cb3466b3a4a1  
Response.BucketTable=1  
Response.LegacyBucketId=108904300980  
Response.type=4  
Sig[0].Name=Anwendungsname  
Sig[0].Value=Skype.exe  
Sig[1].Name=Anwendungsversion  
Sig[1].Value=7.35.0.103  
Sig[2].Name=Anwendungszeitstempel  
Sig[2].Value=590bd88a  
Sig[3].Name=Fehlermodulname  
Sig[3].Value=MSFTEDIT.DLL  
Sig[4].Name=Fehlermodulversion  
Sig[4].Value=6.3.9600.17809  
Sig[5].Name=Fehlermodulzeitstempel  
Sig[5].Value=55390cb7  
Sig[6].Name=Ausnahmecode  
Sig[6].Value=c0000005  
Sig[7].Name=Ausnahmeoffset  
Sig[7].Value=00051801  
DynamicSig[1].Name=Betriebsystemversion  
DynamicSig[1].Value=6.3.9600.2.0.0.256.48  
DynamicSig[2].Name=Gebietsschema-ID  
DynamicSig[2].Value=1031  
DynamicSig[22].Name=Zusatzinformation 1  
DynamicSig[22].Value=58e7  
DynamicSig[23].Name=Zusatzinformation 2  
DynamicSig[23].Value=58e753590f5b5462c719fa2fec08c5df  
DynamicSig[24].Name=Zusatzinformation 3  
DynamicSig[24].Value=d3f4  
DynamicSig[25].Name=Zusatzinformation 4  
DynamicSig[25].Value=d3f420397e2e2e0b425627582efa4b9e  
UI[2]=C:Program Files (x86)SkypePhoneSkype.exe  
UI[3]=Skype funktioniert nicht mehr  
UI[4]=Windows kann online nach einer LAPsung fA1/4r das Problem suchen.  
UI[5]=Online nach einer LAPsung suchen und das Programm schlieAen  
UI[6]=SpA$?ter online nach einer LAPsung suchen und das Programm schlieAen  
UI[7]=Programm schlieAen  
... ...  
AppCrash_Skype.exe_edbcbb2855eebf494ff386f9eb88be5024b684c0_ce2586b7_178c36b3  
AppCrash_Skype.exe_edbcbb2855eebf494ff386f9eb88be5024b684c0_ce2586b7_17d4edea  
  
  
--- Error Event Log Report (Final Stack Buffer Overflow) ---  
EventType=BEX  
EventTime=131396017042959341  
ReportType=2  
Consent=1  
UploadTime=131396017045953454  
ReportIdentifier=762751ed-3bee-11e7-8ab7-eaa72e69e267  
IntegratorReportIdentifier=6d4bfe78-0289-4d95-9560-e84dc4fda8c5  
WOW64=1  
NsAppName=Skype.exe  
AppSessionGuid=000003b8-0001-0094-b635-203efacfd201  
TargetAppId=W:00065514750fd91b9e1d7f9edd239a15171d00000904!000014ddb0fbc81557d09d66c4c18c51c71ff4218649!Skype.exe  
TargetAppVer=2016//08//17:21:47:12!1c3188d!Skype.exe  
BootId=4294967295  
Response.BucketId=1a45da49e92037f743652f4734fcab85  
Response.BucketTable=5  
Response.LegacyBucketId=50  
Response.type=4  
Sig[0].Name=Anwendungsname  
Sig[0].Value=Skype.exe  
Sig[1].Name=Anwendungsversion  
Sig[1].Value=7.27.0.101  
Sig[2].Name=Anwendungszeitstempel  
Sig[2].Value=57b4db60  
Sig[3].Name=Fehlermodulname  
Sig[3].Value=StackHash_a309  
Sig[4].Name=Fehlermodulversion  
Sig[4].Value=0.0.0.0  
Sig[5].Name=Fehlermodulzeitstempel  
Sig[5].Value=00410041  
Sig[6].Name=Ausnahmeoffset  
Sig[6].Value=PCH_F2_FROM_ntdll+0x0006EB8C  
Sig[7].Name=Ausnahmecode  
Sig[7].Value=c0000005  
Sig[8].Name=Ausnahmedaten  
... ...  
EventType=APPCRASH  
EventTime=131396017978156224  
ReportType=2  
Consent=1  
UploadTime=131396017979155734  
ReportIdentifier=ae0d806d-3bee-11e7-8ab7-eaa72e69e267  
IntegratorReportIdentifier=cb6001f2-8e24-428e-9681-798213e07167  
WOW64=1  
NsAppName=Skype.exe  
AppSessionGuid=000003b8-0001-0094-b635-203efacfd201  
TargetAppId=W:00065514750fd91b9e1d7f9edd239a15171d00000904!000014ddb0fbc81557d09d66c4c18c51c71ff4218649!Skype.exe  
TargetAppVer=2016//08//17:21:47:12!1c3188d!Skype.exe  
BootId=4294967295  
Response.BucketId=ec621c6ccac633fce5d1e2a3190c48cb  
Response.BucketTable=1  
Response.LegacyBucketId=108928879505  
Response.type=4  
Sig[0].Name=Anwendungsname  
Sig[0].Value=Skype.exe  
Sig[1].Name=Anwendungsversion  
Sig[1].Value=7.27.0.101  
Sig[2].Name=Anwendungszeitstempel  
Sig[2].Value=57b4db60  
Sig[3].Name=Fehlermodulname  
Sig[3].Value=StackHash_c2f6  
Sig[4].Name=Fehlermodulversion  
Sig[4].Value=10.0.14393.479  
Sig[5].Name=Fehlermodulzeitstempel  
Sig[5].Value=58256ca0  
Sig[6].Name=Ausnahmecode  
Sig[6].Value=c0000374  
... ...  
AppCrash_Skype.exe_d0af9530b99d8758e9db661d96b23628d951d0de_1523a347_02d1c738  
AppCrash_Skype.exe_eaf5689fdd6d20b6c7ce5c3281fbab78bcbc4c7_1523a347_1416ac1a  
  
  
Solution - Fix & Patch:  
=======================  
The vulnerability can be resolved by a count and size restriction of the clipboard content delivered via a remote system. Improve the path content and   
disallow to perform a request when the data is not physical located on the transmittion computer system. Include a secure exception-handling to prevent uncaught and   
unexpected error exceptions to followup with a jump to another address. Another solution could be to deactivate the copy clipboard in case the data is requested   
of another remote system. Thus would deny that an attacker is however able use the clipboard to trick into an overflow.  
  
Immediately update the skype software core and publish a bulletin to prevent exploitation of the zero-day vulnerability. The impact is not limited to skype but   
demonstrated with it. Research on the error to ensure no other software that uses the same way is affected as well.  
  
Note: The skype developer team resolved the stack buffer overflow vulnerability in the official skype software client version 7.37.178.  
Download: https://www.skype.com/de/download-skype/skype-for-windows/downloading/  
  
  
Security Risk:  
==============  
The security risk of the stack buffer overflow vulnerability in the microsoft skype software core is estimated as high (CVSS 7.2).  
  
  
Credits & Authors:  
==================  
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)  
  
  
Disclaimer & Information:  
=========================  
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or   
implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any   
case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability Labs or its   
suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability mainly for incidental  
or consequential damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any licenses, policies, deface   
websites, hack into databases or trade with stolen data. We have no need for criminal activities or membership requests. We do not publish advisories   
or vulnerabilities of religious-, militant- and racist- hacker/analyst/researcher groups or individuals. We do not publish trade researcher mails,   
phone numbers, conversations or anything else to journalists, investigative authorities or private individuals.   
  
Domains: www.vulnerability-lab.com - www.vulnerability-db.com - www.evolution-sec.com  
Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register.php  
Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php  
Social: twitter.com/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab  
  
Any modified copy or reproduction, including partially usages, of this file, resources or information requires authorization from Vulnerability Laboratory.   
Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by   
Vulnerability Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark   
of vulnerability-lab team & the specific authors or managers. To record, list, modify, use or edit our material contact (admin@) to get an ask permission.  
  
Copyright A(c) 2017 | Vulnerability Laboratory - [Evolution Security GmbH]aC/  
  
--   
VULNERABILITY LABORATORY - RESEARCH TEAM  
SERVICE: www.vulnerability-lab.com  
  
`