50 matches found
wsa_exploits
...
Microsoft Windows Malicious Script File Generator
This PHP script generates a malicious .WSF Windows Script File containing both VBScript and JScript payload blocks. The payload runs arbitrary system commands through WScript.Shell...
Malicious code in magicwolf (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...
Open the wrong “PDF” and attackers gain remote access to your PC
Cybercriminals behind a campaign dubbed DEADVAX are taking phishing one step further by delivering malware inside virtual hard disks that pretend to be ordinary PDF documents. Open the wrong “invoice” or “purchase order” and you won't see a document at all. Instead, Windows mounts a virtual drive...
Microsoft Windows Script Host 5.812 File Generator
Microsoft Windows Script Host version 5.812 .vbs file generation tool that can be used to establish persistence on Windows systems...
Malicious Windows Script Host Script File (.wsf)
This module creates a Windows Script Host WSH Windows Script File .wsf. Module Options msf use exploit/windows/fileformat/windowsscripthostwsf msf exploitwindowsscripthostwsf show targets ...targets... msf exploitwindowsscripthostwsf set TARGET msf exploitwindowsscripthostwsf show options ...show...
📄 Malicious Windows Script Host Script File
This Metasploit module creates a Windows Script Host WSH Windows Script File .wsf. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host Script File .wsf', 'Description'...
Cobalt-Strike-Aggressor-Scripts
This repository is an offensive tool for Cobalt Strike Aggressor Scripts. It is a collection of PowerShell scripts that aggregate various UAC bypass methods, including the MS16-032, MS16-135, and WScript bypass attacks. The scripts are designed to be used with the Cobalt Strike framework to perfo...
Malicious Windows Script Host VBScript (.vbs) File
This module creates a Windows Script Host WSH VBScript .vbs file. Module Options msf use exploit/windows/fileformat/windowsscripthostvbscript msf exploitwindowsscripthostvbscript show targets ...targets... msf exploitwindowsscripthostvbscript set TARGET msf exploitwindowsscripthostvbscript show...
Malicious Windows Script Host JScript (.js) File
This module creates a Windows Script Host WSH JScript .js file. Module Options msf use exploit/windows/fileformat/windowsscripthostjscript msf exploitwindowsscripthostjscript show targets ...targets... msf exploitwindowsscripthostjscript set TARGET msf exploitwindowsscripthostjscript show options...
📄 Malicious Windows Script Host VBScript File
This Metasploit module creates a Windows Script Host WSH VBScript .vbs file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host VBScript .vbs File', 'Description' = %...
CVE-2023-1003
A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...
"Windows Script Host must be enabled for the duration of setup process"
Challenge While attempting to Install or Upgrade Veeam Backup & Replication, the installer displays the message: Windows Script Host must be enabled for the duration of setup process, Refer to KB4699 for more information https:// www.veeam.com/kb4699. Cause This message is displayed when the...
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files
Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script Files WSFs since March 2024. "Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its...
The vulnerability of Windows operating system script handlers allows a perpetrator to trigger a service failure.
The vulnerability of Windows operating system script handlers is related to the issue of operations going beyond the buffer boundaries in memory when processing the dynamic library jscript9.dll. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure
The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates th...
PT-2023-16680 · Typora · Typora
Name of the Vulnerable Software and Affected Versions: Typora versions 1.5.5 and earlier Description: A critical issue was found in the WSH JScript Handler component, leading to code injection. The manipulation requires a local attack approach. The issue has been publicly disclosed and may be...
Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula with the goal of deploying remote access trojans RATs on compromised systems. "The MuddyWater supergroup is highly motivated and can use unauthoriz...
The vulnerability of Windows operating system script handlers allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of Windows operating system script handlers is related to the operation of writing data beyond the buffer boundaries into memory when processing HTML content. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a...
The vulnerability of the Microsoft Script Runtime library in the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Script Runtime library in the Windows operating system relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...