From f0d989f6e984ebaa0cbcec7c0e6e97d59739f427 Mon Sep 17 00:00:00 2001 From: bcoles Date: Mon, 30 Dec 2013 22:48:51 +1030 Subject: [PATCH] Update description --- modules/exploits/local_host/ie_ms12_004_midi/config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/exploits/local_host/ie_ms12_004_midi/config.yaml b/modules/exploits/local_host/ie_ms12_004_midi/config.yaml index 5f3a45e9c..d739a288d 100644 --- a/modules/exploits/local_host/ie_ms12_004_midi/config.yaml +++ b/modules/exploits/local_host/ie_ms12_004_midi/config.yaml @@ -14,10 +14,10 @@ beef: enable: true category: ["Exploits", "Local Host"] name: "IE MS12-004 midiOutPlayNextPolyEvent Heap Overflow" - description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control.

This exploit has been ported directly from ms12_004_midi.rb from Metasploit, however it has limited target support (IE 6-7 on WinXP SP3 only) and limited payloads (bind shell on port 4444 only).

For more granular control over browser based Metasploit exploits using BeEF, refer to the Metasploit Integration for BeEF page on the wiki." + description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control.

This exploit has been ported from ms12_004_midi.rb from Metasploit, however it has limited target support and limited payloads

Targets: IE6-IE7 on WinXP SP2-SP3
Payloads: bind shell on port 4444

For more browser based Metasploit exploits and payloads refer to the Metasploit Integration for BeEF page on the wiki." authors: ['Shane Garrett', 'juan vazquez', 'sinn3r'] target: - working: + user_notify: IE: min_ver: 6 max_ver: 7