3106 matches found
Microsoft Windows PowerShell Remote Code Execution Vulnerability
Microsoft Windows, etc. are a series of operating systems released by Microsoft, U.S.A. PowerShell is one of the command line programs. A remote code execution vulnerability exists in PowerShell in Microsoft Windows. An attacker can exploit this vulnerability to execute code in a PowerShell remot...
Microsoft Windows Multiple Vulnerabilities (KB4025337)
This host is missing a critical security update according to Microsoft KB4025337 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Skype for Business 2016 - Cross-Site Scripting
Exploit Title: Skype for Business 2016 XSS Injection - CVE-2017-8550 Exploit Author: @nyxgeek - TrustedSec Date: 2017-04-10 Vendor Homepage: www.microsoft.com Versions: 16.0.7830.1018 32-bit & 16.0.7927.1020 64-bit or lower Requirements: Originating machine needs Lync 2013 SDK installed as well a...
CVE-2017-8565
Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...
CVE-2017-8565
Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...
Remote code execution
Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...
CVE-2017-8565
Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShel...
CVE-2017-8565
CVE-2017-8565 is a Windows PowerShell remote code execution vulnerability triggered when PSObject wraps a CIM Instance. Connected sources describe in detail that deserialization via PSObject, LosFormatter, ObjectStateFormatter (and related gadget chains) can enable remote code execution in PowerS...
Learning PowerShell: The basics
I bet I went about learning PowerShell the wrong way, so I may need your help, readers of this blog. If only to organize my knowledge and use it for the fight against malware and not just to figure out how it was used in malware. The first serious look I had at PowerShell was when I was trying to...
Security update for the Windows PowerShell remote code execution vulnerability in Windows Server 2008: July 11, 2017
Security update for the Windows PowerShell remote code execution vulnerability in Windows Server 2008: July 11, 2017 Summary A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute...
Windows PowerShell Remote Code Execution Vulnerability
A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. In an attack scenario, an attacker could execute malicious code in a PowerShell remote...
WinPayloads: Generate Undetectable Windows Payloads!
PenTestIT RSS Feed An older post of mine - MicroSploit dealt with generating backdoored documents for the Office platform. This post is about another open source framework, called WinPayloads which helps you create custom malicious payloads for the Microsoft Windows operating system. What is...
WMI Event Subscription Persistence Exploit
This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using one of five methods. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell'...
WMI Event Subscription Persistence
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'msf/core/post/windows/powershell' require 'msf/core/post/file' class MetasploitModule 'WMI Event Subscription Persistence',...
Microsoft Windows PowerShell CVE-2017-8565 Remote Code Execution Vulnerability
Description Microsoft Windows PowerShell is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions...
Windows 7 and Windows Server 2008 R2 July 2017 Security Updates
The remote Windows host is missing security update 4025337 or cumulative update 4025341. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a...
Windows 2008 July 2017 Multiple Security Updates
The remote Windows host is missing multiple security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a reference to an external entity. ...
Windows Server 2012 July 2017 Security Updates
The remote Windows host is missing security update 4025343 or cumulative update 4025331. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a...
KB4025342: Windows 10 Version 1703 July 2017 Cumulative Update
The remote Windows 10 version 1703 host is missing security update KB4025342. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a reference to an...
KB4025344: Windows 10 Version 1511 July 2017 Cumulative Update
The remote Windows 10 version 1511 host is missing security update KB4025344. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a reference to an...