0x09AL/CVE-2018-8174-msf 0x09AL/CVE-2018-8174-msf

  • Stars
    star
    166
  • Rank 227,748 (Top 5 %)
  • Language
    Ruby
  • Created over 6 years ago
  • Updated almost 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
0x09AL/CVE-2018-8174-msf
github

0x09AL

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

CVE-2018-8174 - VBScript memory corruption exploit.

CVE-2018-8174-msf

This is a metasploit module which creates a malicious word document to exploit CVE-2018-8174 - VBScript memory corruption vulnerability.

This module is a very quick port and uses the exploit sample that was found in the wild. The exploit works only for Microsoft Office 32-bit.

There are a lot of things that need to get better at this module but I will update it in the future if I find some time.

Installation

  1. Copy the CVE-2018-8174.rb to /usr/share/metasploit-framework/modules/exploits/windows/fileformat/
  2. Copy the CVE-2018-8174.rtf to /usr/share/metasploit-framework/data/exploits/

The exploit doesn't work very well with meterpreter shellcode so it's better to use non-staged reverse shell.

Disclaimer

DO NOT USE THIS SOFTWARE FOR ILLEGALL PURPOSES.

THE AUTHOR DOES NOT KEEP ANY RESPONSIBILITY FOR ANY MISUSE OF THE CODE PROVIDED HERE.

More Repositories

1

RdpThief

Extracting Clear Text Passwords from mstsc.exe using API Hooking.
C++
951
star
2

raven

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.
Go
753
star
3

IIS-Raid

A native backdoor module for Microsoft IIS (Internet Information Services)
C++
488
star
4

WordSteal

This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.
Python
228
star
5

DNS-Persist

DNS-Persist is a post-exploitation agent which uses DNS for command and control.
C++
197
star
6

DropboxC2C

DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.
Python
143
star
7

go-deliver

Go-deliver is a payload delivery tool coded in Go.
Go
116
star
8

CVE-2017-11882-metasploit

This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
Ruby
98
star
9

Browser-C2

Post Exploitation agent which uses a browser to do C2 operations.
Go
96
star
10

AzureCLI-Extractor

A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
C#
43
star
11

RsaTokenExtractor

A simple toolkit on extracting RSA Software Tokens from RSA SecureID
C#
41
star
12

my-exploits

My public exploit collection.
Python
31
star
13

0x09al.github.io

Ruby
2
star