CVE-2014-1815 (MS14-029) http://urlquery.net/report.php?id=1409133159199 …
-
-
Replying to @Ivanlef0u
@Ivanlef0u Quick paste of the code - http://pastebin.com/uAaVfYWg1 reply 6 retweets 7 likes -
Replying to @pyoor_
@Ivanlef0u Have you looked at the SWF? I'm guessing simple heap spray and Java/Office ROP - http://fdsfdstrt.com/storm.swf1 reply 0 retweets 1 like -
-
Replying to @Ivanlef0u
@Ivanlef0u Odd. Calc.exe just popped up? What kind of sorcery is this?1 reply 0 retweets 0 likes
Replying to @pyoor_
@pyoor_ @Ivanlef0u Heh, the swf downloads and executes <domain>/calc.exe which is currently the real calc.exe.
8:04 PM - 27 Aug 2014
1 reply
0 retweets
1 like
-
-
Replying to @_clem1
@_clem1@Ivanlef0u just out of curiosity but what ROP gadget was it using?0 replies 0 retweets 1 likeThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.