CVE-2018-15982 PoC — Adobe Flash Player 安全漏洞

Source

https://github.com/jas502n/CVE-2018-15982_EXP_IE

Associated Vulnerability

Title:Adobe Flash Player 安全漏洞 (CVE-2018-15982)
Description:Adobe Flash Player是美国奥多比（Adobe）公司的一款跨平台、基于浏览器的多媒体播放器产品。该产品支持跨屏幕和浏览器查看应用程序、内容和视频。 Adobe Flash Player中存在释放后重用漏洞。攻击者可利用该漏洞执行任意代码。以下产品和版本受到影响：基于Windows、macOS和Linux平台的Adobe Flash Player Desktop Runtime 31.0.0.153及之前版本，基于Windows、macOS、Linux和Chrome OS平台的Adobe Fl

Description

CVE-2018-15982_EXP_IE

Readme

# CVE-2018-15982_EXP

## Usage

```

msfvenom -p windows/exec cmd=calc.exe -f raw > 86.bin

msfvenom -p windows/x64/exec cmd=calc.exe -f raw > 64.bin

python CVE_2018_15982.py -i 86.bin -I 64.bin

```

output `exp.swf` and `index.html`。

## Demo

https://twitter.com/Evi1cg/status/1071284773169950721

![](./CVE-2018-15982.jpg)

<video id="video" controls="" preload="none" poster="https://github.com/jas502n/CVE-2018-15982_EXP_IE/raw/master/CVE-2018-15982.jpg">
      <source id="mp4" src="https://github.com/jas502n/CVE-2018-15982_EXP_IE/blob/master/CVE-2018-15982_EXP_IE.mp4" type="video/mp4">
</video>

File Snapshot


 [4.0K]  /data/pocs/9b75baadf5c0eb5e25d75051f2bc80fbc609514f
├── [ 276]  64.bin
├── [ 193]  86.bin
├── [7.6M]  CVE-2018-15982_EXP_IE.mp4
├── [239K]  CVE-2018-15982.jpg
├── [ 20K]  CVE_2018_15982.py
├── [8.7K]  exploit.swf
├── [ 356]  index.html
├── [  54]  push.sh
└── [ 608]  README.md

0 directories, 9 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!