Name | ms14_064_ie_oleaut32 |
---|---|
CVE | CVE-2014-6332 Exploit Pack |
VENDOR: Microsoft | |
NOTES: |
References:
http://blog.trendmicro.com/trendlabs-security-intelligence/a-killer-combo-critical-vulnerability-and-godmode-exploitation-on-cve-2014-6332/
http://www.secniu.com/how-to-use-vbscript-to-turn-on-the-god-mode/
This exploit has been tested on:
NOTE: With HTTP Callback Tunneling we inject a win32 shellcode
because the powershellNode doesn’t support it yet.
Make sure to enable on the clientd response settings:
- Respond directly with exploit
If execution of scripts is disabled on the target system (default configuration),
the user will get a popup asking if they want powershell to make changes to their
system. In corporate environments it is very unlikely that execution of scripts
is disabled.
Command line usage:
$ python ./exploits/clientd/clientd.py -l 192.168.1.102 -d 5555 -O server_port:8080 -O allowed_attack_modules:ms14_064_ie_oleaut32 -O auto_detect_exploits:0
$ ./commandlineInterface.py -v23 -p5555
Repeatability: Single
References: https://technet.microsoft.com/library/security/MS14-064
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6332