beef/modules/exploits/local_host/ie_ms12_004_midi/config.yaml

#
# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
###
# This module is a quick, dirty and butchered port of 'modules/exploits/windows/browser/ms12_004_midi.rb'
# from the Metasploit Framework project. Written originally by Shane Garrett, juan vazquez, and sinn3r
# See: http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms12_004_midi.rb
###
beef:
    module:
        ie_ms12_004_midi:
            enable: true
            category: ["Exploits", "Local Host"]
            name: "IE MS12-004 midiOutPlayNextPolyEvent Heap Overflow"
            description: "This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files.  Remote code execution can be achieved by using the Windows Media Player ActiveX control.<br/><br/>This exploit has been ported from <a href='http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms12_004_midi.rb'>ms12_004_midi.rb</a> from Metasploit, however it has limited target support and limited payloads<br/><br/><b>Targets:</b> IE6-IE7 on WinXP SP2-SP3<br/><b>Payloads:</b> bind shell on port 4444<br/><br/>For more browser based Metasploit exploits and payloads refer to the <a href='https://github.com/beefproject/beef/wiki/Metasploit' target='_blank'>Metasploit Integration for BeEF</a> page on the wiki."
            authors: ['Shane Garrett', 'juan vazquez', 'sinn3r']
            target:
                user_notify:
                    IE:
                        min_ver: 6
                        max_ver: 7
                not_working:
                    ALL:
                        os: ["ALL"]