26 matches found
The Top 5 Russian Cyber Threat Actors to Watch
This post was updated on March 10, 2022 to include a section on the Conti Ransomware Group. As we continue to monitor the situation between Russia and Ukraine – and the potential for global cybersecurity impacts – we realize that our customers and other business and industry stakeholders may be...
CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a...
Sandworm Team and the Ukrainian Power Authority Attacks
Update 1.11.16 - SANS ICS Team Connects Dots Updating the blog entry to bring attention to the recent analysis published by Mike Assante from the SANS ICS team. "After analyzing the information that has been made available by affected power companies, researchers, and the media it is clear that...
Windows-OLE-Package-Manager
Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Vendor Homepage: microsoft.com Tested on: Win7Sp1 64 bit - Microsoft Offcie 2013 Plus Demo: http://youtu.be/ljjEkhflpv import os import zipfile import sys ''' Very quick and ugly SandWorm...
Windows OLE Package Manager SandWorm Exploit
No description provided by source. !/usr/bin/env python import os import zipfile import sys ''' Full Exploit: http://www.exploit-db.com/sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Built to run on: Linux/MacOSX Date:...
Windows OLE - Remote Code Execution "Sandworm" Exploit (MS14-060)
No description provided by source. !/usr/bin/python Windows OLE RCE Exploit MS14-060 CVE-2014-4114 Sandworm Author: Mike Czumak Tv3rn1x - @SecuritySift Written: 10/21/2014 Tested Platforms: Windows 7 SP1 w/ exploit script run on Kali Linux You are free to reuse this code in part or in whole wit...
MS14-060 Microsoft Windows OLE Package Manager Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::FILEFORMAT include...
CVE-2 0 1 4-4 1 1 4 variants of sample analysis-vulnerability warning-the black bar safety net
Found a CVE-2 0 1 4-4 1 1 4 variants of the sample, the sample embedded with malicious code, can be directly to the local trigger, no need to from a remote shared server to download malicious code. Use UltraEdit to open the sample can be found within a block of the PE module information: ! ue.jpg...
Microsoft Windows - OLE Remote Code Execution Sandworm (MS14-060)
Microsoft Windows - OLE Remote Code Execution Sandworm MS14-060 !/usr/bin/python Windows OLE RCE Exploit MS14-060 CVE-2014-4114 Sandworm Author: Mike Czumak Tv3rn1x - @SecuritySift Written: 10/21/2014 Tested Platforms: Windows 7 SP1 w/ exploit script run on Kali Linux You are free to reuse this...
Sandworm(CVE-2 0 1 4-4 1 1 4 new variants discovered for Taiwan's APT attacks-a vulnerability warning-the black bar safety net
! Xecure lab on 1 0 On 1 7, found variant of the 0day vulnerabilities worms(CVE-2 0 1 4-4 1 1 4 have been used in the for the Government of Taiwan and various units of APT attacks, the current mainstream anti-virus software also can't effectively detected. The variant can be directly embedded...
Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability
Added: 10/24/2014 CVE: CVE-2014-4114 BID: 70419 OSVDB: 113140 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. For...
Windows OLE Package Manager SandWorm Exploit
Proof of concept exploit builder for the OLE flaw in packager.dll. !/usr/bin/env python import os import zipfile import sys ''' Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Built to run on: Linux/MacOSX Date: 17/10/2014 Exploit Author:...
Microsoft Windows - OLE Package Manager SandWorm
Microsoft Windows - OLE Package Manager SandWorm !/usr/bin/env python import os import zipfile import sys ''' Full Exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title:...
Microsoft Windows - OLE Package Manager SandWorm
!/usr/bin/env python import os import zipfile import sys ''' Full Exploit: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Built to run on:...
Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...
Microsoft Windows OLE Remote Code Execution (MS14-060) - ver 2 (CVE-2014-4114; CVE-2014-6352)
A remote code execution vulnerability has been reported in Microsoft Object Linking and Embedding OLE technology. This vulnerability is caused when a user downloads, or receives, and then opens a Microsoft Office file which contains specially crafted OLE objects...
MS14-060 Microsoft Windows OLE Package Manager Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...
CVE-2 0 1 4-4 1 1 4 and CVE-2 0 1 4-3 5 6 6-vulnerability warning-the black bar safety net
This two-day concern to the security personnel will pay special attention to these two new disclosure Vulnerability: CVE-2 0 1 4-4 1 1 4 and CVE-2 0 1 4-3 5 6 6 The. Here we have for these two vulnerabilities most some brief description. CVE-2 0 1 4-4 1 1 4 ------------------------- This...
Sandworm(CVE-2 0 1 4-4 1 1 4 related to the threat of a comprehensive analysis of the report — and to chasing shadows Security Platform detection problem of the complex disk-vulnerability warning-the black bar safety net
1 threat card and introduction ! CVE-2 0 1 4-4 1 1 4 is in the OLE package Manager the INF arbitrary code execution vulnerability, the vulnerability affects Win Vista, Win7 and aboveoperating system, the attackers used PowerPoint as an attack vector, the vulnerability is in the Microsoft Windows...
Immunity Canvas: SANDWORM
Name| sandworm ---|--- CVE| CVE-2014-4114 Exploit Pack| CANVAS Description| Sandworm - MS14-060 - Windows OLE Remote Code Execution Vulnerability. Notes| Repeatability: Infinite Notes: This exploit creates a blank PPSX file Powerpoint show presentation, to use it you just have to add some stuff t...