0day.today - Il più grande database di exploit nel mondo.

Seleziona la tua lingua:

Cose che dovresti sapere du questo:

Utilizziamo un dominio principale DOMAIN_LINK

Se vuoi acquistare l'exploit o ottenerlo, devi comprare i Gold.

We accept currencies: [contact admin to find more]

Non vogliamo che utilizzi i tool di hacking per atttività illecite sul nostro sito web, quindi ogni azione può avere effetti illegali su utenti e sul nostro sito web verrai bannato. ed il tuo account con i tuoi dati verranno distrutti.

L'amministrazione del sito usa contatti ufficiali. Attenzione agli istruttori!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

Sono un'utente registrato su 0day.today. Non voglio più vedere questa finestra in futuro.

Cosa fare prima?

Leggere il [ accordo ]
Leggere il [ Submit ] regole
Visita il [ faq ] page
[ Registrati ] profilo
ottieni [ Oro ]
Se vuoi [ vendere ]
Se vuoi [ comprare ]
se hai perso [ Account ]
Qualsiasi domanda [ [email protected] ]

links principali

Ci puoi contattare tramite

Mail:

[email protected]

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ Ripristina ]

Ci puoi contattare tramite:

Mail:

[email protected]

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Themebleed Windows 11 Themes Arbitrary Code Execution Exploit

[ 0Day-ID-39230 ]

Titolo

Themebleed Windows 11 Themes Arbitrary Code Execution Exploit [ Highlight ]

Highlight - is paid service, that can help to get more visitors to your material.

Price:

Data inserimento

08-01-2024

Categoria

remote exploits

Piattaforma

windows

Verificato

Prezzo

FREE

Rischio

[

Security Risk Critical

]

Rel. releases

Descrizione

When an unpatched Windows 11 host loads a theme file referencing an msstyles file, Windows loads the msstyles file, and if that file's PACKME_VERSION is 999, it then attempts to load an accompanying dll file ending in _vrf.dll. Before loading that file, it verifies that the file is signed. It does this by opening the file for reading and verifying the signature before opening the file for execution. Because this action is performed in two discrete operations, it opens the procedure for a time of check to time of use vulnerability. By embedding a UNC file path to an SMB server we control, the SMB server can serve a legitimate, signed dll when queried for the read, but then serve a different file of the same name when the host intends to load/execute the dll.

CVE

CVE-2023-38146

Other Information

Abuses

Commenti

Visualizzazioni

2 510

We DO NOT use Telegram or any messengers / social networks! Please, beware of scammers!

FREE

Open Exploit
You can open this source code for free

Open Exploit

Open Exploit
You can open this source code for free

Verified by

Verified by
This material is checked by Administration and absolutely workable.

Autore

metasploit

Exploits

1626

Lettori

[ Commenti: 0 ]

Users are forbidden to exchange personal contact details
Haggle on other sites\projects is forbidden
Reselling is forbidden

Punishment: permanent block of user account with all Gold.

Entra o registrati per lasciare un commento

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Themebleed Windows 11 Themes Arbitrary Code Execution Exploit

Report Error

Report Error