[framework] VML exploit
H D Moore
hdm at metasploit.com
Mon Sep 25 20:02:52 CDT 2006
The VML exploit has been added for 2.6 (msfupdate), it works on every
version of Windows I tried. If anyone can test on NT 4.0, Windows 2003
SP1, or Windows Vista, please let me know of the results.
The module name is 'ie_vml_rectfill', the 3.0 version may not be ready for
a couple hours (dinner time, I need a break).
http://metasploit.com/projects/Framework/exploits.html#ie_vml_rectfill
-HD
On Monday 25 September 2006 11:41, Chris Byrd wrote:
> This list has been pretty quiet about the MSIE VML exploit. It seems
> to me like it is a perfect match for inclusion in metasploit, as it
> would work great especially with msf3's passive exploits. The public
> exploit on milw0rm's site even includes some code from msf. Is anyone
> working on a module for 2.6 or msf3? I'll admit that I don't have the
> skill to do it, but I'd love to see one for demonstration and testing
> of vulnerability.
>
> - Chris
More information about the framework
mailing list