CVE-2018-8174 PoC — Microsoft Windows VBScript引擎缓冲区错误漏洞

Source

https://github.com/SyFi/CVE-2018-8174

Associated Vulnerability

Title:Microsoft Windows VBScript引擎缓冲区错误漏洞 (CVE-2018-8174)
Description:Microsoft Windows 7等都是美国微软（Microsoft）公司发布的一系列操作系统。Windows VBScript engine是其中的一个VBScript（脚本语言）引擎。 Microsoft Windows VBScript引擎中存在远程代码执行漏洞。远程攻击者可利用该漏洞在当前用户的上下文中执行任意代码，造成内存损坏。以下系统版本受到影响：Microsoft Windows 7，Windows Server 2012 R2，Windows RT 8.1，Windows Server

Description

MS Word MS WordPad via IE VBS Engine RCE

Readme

# CVE-2018-8174
MS Word MS WordPad via IE VBS Engine RCE 

MS Word and MS WordPad RCE via IE VBS RCE
https://github.com/smgorelik/Windows-RCE-exploits/tree/master/Web/VBScript

Save the index.html to webserver
then use the python script to generate RTF Exploit
Shellcode is static  Down\Exec Putty.exe from main website

check index.html for the shellcode

File Snapshot


 [4.0K]  /data/pocs/2ba47bad01f746aca86146f34926c8c4b41738ee
├── [ 11K]  index.html
├── [ 34K]  LICENSE
├── [6.7K]  msvbs.py
└── [ 358]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!