关联漏洞
标题:Microsoft Outlook 安全漏洞 (CVE-2024-21378)Description:Microsoft Outlook是美国微软(Microsoft)公司的一套电子邮件应用程序。 Microsoft Office Outlook存在安全漏洞。以下产品和版本受到影响:Microsoft Office 2019 for 32-bit editions,Microsoft Office 2019 for 64-bit editions,Microsoft 365 Apps for Enterprise for 32-bit Systems,Microsoft 365 Apps for Ente
Description
This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.
介绍
<div align="center">
# 🇮🇱 **#BringThemHome #NeverAgainIsNow** 🇮🇱
**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.
https://stories.bringthemhomenow.net/**
🛡️ CVE-2024-21378
This repository contains an exmple of an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.
Exploit Overview
The exploit works by obtaining access tokens via device code phishing/vishing, then crafting a COM compliant DLL that is sent as a form attachment using Ruler. The user interaction within Outlook is required to trigger the form execution, leading to the loading of the malicious DLL into the Outlook process.
Instructions
Obtain refresh tokens via device code phishing/vishing.
Compile a COM DLL containing the desired code.
Modify the provided Python script with the target URL, access token, recipient email, DLL path, and CLSID.
Run the Python script to send the malicious form to the target Outlook account.
Wait for the user to interact with the email in the Outlook client to trigger the execution.
Requirements
Python 3.x
Requests library (pip install requests)
Disclaimer
This exploit is for educational purposes only. Misuse of this tool may violate laws and regulations. Use responsibly and only on systems you are authorized to test.
</div>
文件快照
[4.0K] /data/pocs/cae5a9b570dc4c51be781483ead1f5f99bc7ff2d
├── [ 912] CVE-2024-21378.py
└── [1.7K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。