본문 바로가기

Research/Pentesting

[Pentesting] Exploit Adobe Flash v18.0.194 (cve-2015-5119) Exploit Adobe Flash v18.0.194 (cve-2015-5119) 1. Exploit Info Under Adobe Flash 18.0.194, there is UAF(Use After Free) vulnerability using 'ByteArray' 2. Target Info- VictimIP Addr : 192.168.0.34OS : Windows 7 Ultimate x86 with ie11, flash v18.0.194 - HackerIP Addr : 192.168.0.35Malicious URL : http://192.168.0.35/OS : Kali Linux v2016.1 x86-64 3. ExploitThis time, we will try the exploit using .. 더보기
[Pentesting] Windows exploit with Word Macro Windows Exploit with Word Macro 1. Exploit Info Using Microsoft Word File to exploit Victim's computer. Inserting malicious vb codes into word macro. then when victim opens that file, the codes will be run reverse-shell 2. Target Information- Victim :IP Address : 192.168.56.132Mail : mail.naver.comOS : Windows 10 pro x86-64 korMS Word ver : word 2016 professional plusAV : yes ( with virustotal.c.. 더보기
[Docs] Cracking Windows XP/7/8 Account Password 보호되어 있는 글입니다. 더보기
[Pentesting] Windows 7 Exploit with ms10_046 - Windows 7 Exploit with ms10_046 Vulnerability : MS10_046 PayLoad : windows/meterpreter/reverse_tcp Platforms : Windows Architectures : x86 Target : 192.168.0.2 ( Windows 7 Home Premium K sp1 ) Attacker : 192.168.233.131 ( Windows7 Ultimate sp1 ) - Process - This time we will use vuln called MS10_046 MS10_046 : Shell Link Code Execution , Using specially controled go-to-icon, Executing Remote c.. 더보기
[Pentesting] XP sp3 Remote Exploit with ms08_067 - XP sp3 Remote Exploit with ms08_067 Vulnerability : MS08_067 PayLoad : windows/vcninject/reverse_tcp Platforms : Windows Architectures : x86 Target : 192.168.233.130 ( Windows XP sp3 ) Attacker : 192.168.233.129 ( Linux BackTrack5-R3 ) - Process - This time we will exploit Windows XP sp3 with ms08_067 vulnerability MS08_067 : When the system is requested RPC request, it allows Remote Code Exec.. 더보기