![]() Notably, this exploit does not contain bypasses for It uses dynamic ROP chain creation for its RIP This is a 64-bit adaptation of CVE-2020-0674 which can exploit both IE8/11Ħ4-bit as well as the WPAD service on Windows 7 and 8.1 圆4. |_| |_| | WPAD sandbox escape | -> | svchost.exe | | firefox.exe | -> | svchost.exe | -> | spoolsv.exe | Windows 8.1 IE/Firefox RCE -> Sandbox Escape -> SYSTEM EoP Exploit Chain ![]() # Original (IE-only/Windows 7-only) exploit credits: maxpl0it # Tested on: Windows 7 圆4, Windows 8.1 圆4 # Versions: IE 8-11 (64-bit) as well as the WPAD service (64-bit) on Windows 7 and 8.1 圆4 Change Mirror Download # Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |