Metasploit adds exploit module for QuickTime backdoor

Source:
http://www.metasploit.com/redmine/projects/framework/repository/revisions/10192?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+metasploit%2Fdevelopment+(Metasploit+Development)

The Metasploit Framework has gained another exploit.

This module exploits a memory trust issue in Apple QuickTime 7.6.7.
When processing a specially-crafted HTML page, the QuickTime ActiveX
control will treat a supplied parameter as a trusted pointer. It
will then use it as a COM-type pUnknown and lead to arbitrary code
execution. This exploit utilizes a combination of heap spraying and
the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This
module does not opt-in to ASLR. As such, this module should be
reliable on all Windows versions. NOTE: The addresses may need to be
adjusted for older versions of QuickTime.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1818
http://reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1
