Lucene search

K

Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit

🗓️ 13 Sep 2017 00:00:00Reported by VoulnetType 
zdt
 zdt
🔗 0day.today👁 153 Views

Microsoft .NET Framework 0day Exploit Runnin

Show more
Related
Code
Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample
 
Running CVE-2017-8759 exploit sample.
 
Flow of the exploit:
 
Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WSDL parser log. Then the parsing log results in running mshta.exe which in turn runs a powershell commands that runs mspaint.exe
 
To test:
 
Run a webserver on port 8080, and put the files exploit.txt and cmd.hta on its root. For example python -m SimpleHTTPServer 8080
 
If all is good mspaint should run.

#  0day.today [2018-03-14]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo