Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals

Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles UAVs have been an integral tool used by the Ukrainian military, malware-lace...

Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-HTML-HELP-UNCOMPILED-CHM-FILE-XML-EXTERNAL-ENTITY-INJECTION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Compiled HTML Help "hh.exe"...

CHM Help Files Deliver Brazilian Banking Trojan

Security researchers are warning of a new spam campaign targeting Brazilian institutions that contain Compiled HTML file attachments that are used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...

Microsoft Compiled HTML Help Remote Code Execution

!/usr/bin/php pocEhsan Noreddini shot : http://ehsann.info/proof/MicrosoftCompiledHTMLhelpRCE.png Original Code : http://ehsann.info/exploit/5.txt video : http://ehsann.info/video/MicrosoftCompiledHTMLhelpRCE.mp4 print "Microsoft Compiled HTML Help - Remote Code Execution Exploit \r\n"; $port=80;...

Microsoft HTML Help Compiler (hhc.exe) - Buffer Overflow (PoC)

Microsoft HTML Help Compiler hhc.exe - Buffer Overflow PoC Microsoft’s HTML Help Compiler hhc.exe is free tool to build Microsoft Compiled HTML Help .chm files. It is included within HTML Help Workshop and Visual Studio. The executable, hhc.exe, does not properly check the length of user-supplied...