27 lines
1.7 KiB
YAML
27 lines
1.7 KiB
YAML
#
|
|
# Copyright (c) 2006-2023 Wade Alcorn - wade@bindshell.net
|
|
# Browser Exploitation Framework (BeEF) - http://beefproject.com
|
|
# See the file 'doc/COPYING' for copying permission
|
|
#
|
|
###
|
|
# This module is a quick, dirty and butchered port of 'modules/exploits/windows/browser/ms13_069_caret.rb'
|
|
# from the Metasploit Framework project. Written originally by corelanc0d3r (@corelanc0d3r) and sinn3r (@_sinn3r)
|
|
# See: http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms13_069_caret.rb
|
|
###
|
|
beef:
|
|
module:
|
|
ie_ms13_069_caret:
|
|
enable: true
|
|
category: ["Exploits", "Local Host"]
|
|
name: "IE MS13-069 CCaret Use-After-Free"
|
|
description: "This module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs in how the browser handles the caret (text cursor) object.<br/><br/>This exploit has been ported from <a href='http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms13_069_caret.rb'>ms13_069_caret.rb</a> from Metasploit, however it has limited target support and payloads.<br/><br/><b>Targets:</b> IE 8 on WinXP SP3<br/><b>Payloads:</b> bind shell on port 4444<br/><br/>For more browser based Metasploit exploits and payloads refer to the <a href='https://github.com/beefproject/beef/wiki/Metasploit' target='_blank'>Metasploit Integration for BeEF</a> page on the wiki."
|
|
authors: ['corelanc0d3r (@corelanc0d3r)', 'sinn3r (@_sinn3r)']
|
|
target:
|
|
user_notify:
|
|
IE:
|
|
min_ver: 8
|
|
max_ver: 8
|
|
not_working:
|
|
ALL:
|
|
os: ["ALL"]
|