17 matches found
Metasploit Wrap-Up
MobileIron MDM Hessian-Based Java Deserialization RCE Our very own wvu-r7 has added exploits/linux/http/mobileironmdmhessianrce, which exploits an ACL bypass in MobileIron MDM products to execute a Java deserialization attack using a Groovy gadget against a Hessian based endpoint. CVE-2020-15505...
FannyBMP or DementiaWheel Detection Registry Check
This module searches for the Fanny.bmp worm related reg keys. fannybmp is a worm that exploited zero day vulns more specifically, the LNK Exploit CVE-2010-2568. Which allowed it to spread even if USB Autorun was turned off. This is the same exploit that was used in StuxNet. Module Options msf use...
Microsoft Windows automatically executes code specified in shortcut files
Overview Microsoft Windows automatically executes code specified in shortcut LNK files. Description Microsoft Windows supports the use of shortcut or LNK files. A LNK file is a reference to a local file. Clicking on a LNK or file has essentially the same outcome as clicking on the file that is...
Stuxnet LNK Exploits Still Widely Circulated
One of the alleged mandates around the development of the Stuxnet worm was that malware’s numerous components—which included a handful of zero days—should never escape the Natanz uranium enrichment facility in Iran. Eight years later, evidence continues to mount as to how that mandate was...
Microsoft Security Intelligence Report: Top Takeaways
Microsoft’s Security Intelligence Report painted a bleak picture when it comes to malware, fraudulent login attempts and the staying power of really old exploits. Key findings in the 198-page biannual report run the gamut illustrating how old threats die hard and what new threats are on the...
Microsoft Windows Shell LNK Code Execution
This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload inside a DLL, and generates a LNK file which must be sent to the target. This module requires...
Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit)
$Id: ms10046shortcuticondllloader.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Windows Shell LNK Code Execution
This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path. This module requires Metasploit:...
Microsoft Windows Shell Remote Code Execution Vulnerability (2286198)
This host is missing a critical security update according to Microsoft Bulletin MS10-046. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS10-046: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) (EASYHOOKUP)
The remote windows host contains a version of the Windows Shell that contains a vulnerability in the way it handles shortcut icons. An attacker, exploiting this flaw, can execute arbitrary commands on the remote host subject to the privileges of the user opening the shortcut. EASYHOOKUP is one of...
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted 1 .LNK or 2 .PIF shortcut file, which is not properly handled during icon display in Windows Explorer...
CVE-2010-2568
CVE-2010-2568 affects the Windows shell icon display for shortcut files, enabling arbitrary code execution when a crafted .LNK or .PIF is processed by Windows Explorer. Affected systems include Windows XP SP3, Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 SP2/R2, and Windows 7, with...
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted 1 .LNK or 2 .PIF shortcut file, which is not properly handled during icon display in Windows Explorer...
Immunity Canvas: WINDOWS_SHELL_LNK
Name| windowsshelllnk ---|--- CVE| CVE-2010-2568 Exploit Pack| CANVAS Description| windowsshelllnk Notes| CVE Name: CVE-2010-2568 VENDOR: Microsoft Notes: VersionsAffected: Windows XP, Windows 2003, Windows Vista, Windows 2008, Windows 7 Repeatability: Infinite References:...
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted 1 .LNK or 2 .PIF shortcut file, which is not properly handled during icon display in Windows Explorer...
CVE-2010-2568
creationtimestamp| type| source ---|---|--- 2010-07-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/14403 2010-08-02 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-10-201-01c 2010-09-21 00:00:00+00:00| confirmed|...
Microsoft Windows Shell LNK File Parsing Code Execution (MS10-046; CVE-2010-2568)
The Shell organizes objects necessary for running applications into a hierarchical namespace and provides users and applications with a consistent and efficient way to access and manage objects. A code execution vulnerability has been reported in Windows Shell. The vulnerability is due to an erro...