Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update description

Browse Source
This commit is contained in:
bcoles
2013-12-30 22:48:51 +10:30
parent fe37a14adc
commit f0d989f6e9
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/local_host/ie_ms12_004_midi/config.yaml
View File

@@ -14,10 +14,10 @@ beef:
enable: true
category: ["Exploits", "Local Host"]
name: "IE MS12-004 midiOutPlayNextPolyEvent Heap Overflow"
description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control.<br/><br/>This exploit has been ported directly from <a href='http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms12_004_midi.rb'>ms12_004_midi.rb</a> from Metasploit, however it has limited target support (IE 6-7 on WinXP SP3 only) and limited payloads (bind shell on port 4444 only).<br/><br/>For more granular control over browser based Metasploit exploits using BeEF, refer to the <a href='https://github.com/beefproject/beef/wiki/Metasploit' target='_blank'>Metasploit Integration for BeEF</a> page on the wiki."
description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control.<br/><br/>This exploit has been ported from <a href='http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms12_004_midi.rb'>ms12_004_midi.rb</a> from Metasploit, however it has limited target support and limited payloads<br/><br/><b>Targets:</b> IE6-IE7 on WinXP SP2-SP3<br/><b>Payloads:</b> bind shell on port 4444<br/><br/>For more browser based Metasploit exploits and payloads refer to the <a href='https://github.com/beefproject/beef/wiki/Metasploit' target='_blank'>Metasploit Integration for BeEF</a> page on the wiki."
authors: ['Shane Garrett', 'juan vazquez', 'sinn3r']
target:
working:
user_notify:
IE:
min_ver: 6
max_ver: 7