Posts Tagged ‘windows’

Microsoft Windows LNK Shortcut File Code Execution

This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 (CVE-2015-0096). The created LNK file is similar except in an additional SpecialFolderDataBlock is included. The folder ID set in this SpecialFolderDataBlock is set to […]

Windows Browser Example Exploit

This template covers IE8/9/10, and uses the user-agent HTTP header to detect the browser version. Please note IE8 and newer may emulate an older IE version in compatibility mode, in that case the module won’t be able to detect the browser correctly. This is an example Metasploit module to be used for exploit development. Source: […]