[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Microsoft Office Word 2003+2007+2010 Universal 0day Exploit

[ 0Day-ID-22772 ]
Full title
Microsoft Office Word 2003+2007+2010 Universal 0day Exploit [ Highlight ]
Highlight - is paid service, that can help to get more visitors to your material.

Price: 10
Date add
Category
Platform
Verified
Price
 
0.04 BTC

 
3 800 USD
Risk
[
Security Risk Critical
]
Rel. releases
Description
This module targets Office 2003 [no-SP/SP1/SP2/SP3] + 2007 [no-SP/SP/SP2/SP3] + Office 2010 [no-SP/SP1] versions.

This module exploits a stack buffer overflow in SCOMCTL.OCX. It uses a malicious RTF to embed the specially crafted MSComctlLib.ListViewCtrl.2 Control as exploited in the wild on April 2012. Exploitation on this one is easy. We created a VM with Windows 7 fully patched and then installed Microsoft Office 2007 (no SP).

We rebooted the VM. We loaded up the MS Office Word 2003+2007+2010 mscomctl Universal Exploit exploit in metasploit and setup a meterpreter reverse tcp payload. We created the malicious msf.doc file by exploiting the module and then setup a multi-handler with a reverse tcp payload. We copied the malicious msf.doc file to the target machine using a SMB transfer. The stage was sent when we opened the msf.doc file and a meterpreter session was opened with our user account. We installed the SP 3 patch for Office and rebooted the machine. We tested the exploit again and received a meterpreter shell. We rolled back the VM to a clean Windows install and then installed Office Professional 2010 with SP1. We repeated the above exploitation steps and were given another meterpreter session.
Affected ver
MS Office Word 2003 / 2007 / 2010
XP(x86+x64) / Vista(x86+x64) / 7(x86+x64) / 8(x86+x64) / 8.1(x86+x64) English
Other Information
Abuses
0
Comments
0
Views
11 788
We DO NOT use Telegram or any messengers / social networks! We DO NOT use Telegram or any messengers / social networks! Please, beware of scammers!
Please login or register to buy exploit.
OR
Buy incognito
0
0
Verified by 0day Admin
Verified by 0day Admin
This material is checked by Administration and absolutely workable.
Learn more about    GOLD:
0day.today Gold is the currency of 0day.today project and is denoted on this site as such image: . It used for paying for the services, buying exploits, earning money, etc
We accept:
BitCoin (BTC)
You can pay us via BTC
LiteCoin (LTC)
You can pay us via LTC
Ethereum (ETH)
You can pay us via ETH

BL
29
Exploits
293
Readers
104
[ Comments: 0 ]
Terms of use of comments:
  • Users are forbidden to exchange personal contact details
  • Haggle on other sites\projects is forbidden
  • Reselling is forbidden
Punishment: permanent block of user account with all Gold.

Login or register to leave comments