POC for MS16-042 Excel Heap Exploit

by admin

Thursday, April 14th, 2016 at 1:13 am

A new heap memory corruption (Out-of-Bounds Read) that affects Microsoft Office Excel 2007,2010,2013 and 2016. This vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office Excel file (.xlsm).
Advisory & POC

Windows 10 RS1 14316

by admin

Sunday, April 10th, 2016 at 3:44 pm

The build brings new changes targeting previously exploited dll-hijacking and uac bypass method vulnerabilities.

cliconfg.exe – can no longer be used as target for autoelevation as MS changed it manifest to autoelevate=false.

mmc.exe – event viewer console fixed, dll hijacking no longer works.

fake IIS inetmgr.exe launch from inetsrv appinfo hardcoded directory fixed too – Windows will not allow you to run & autoelevate anything except legit InetMgr.exe from system32\inetsrv directory.

Bypasses alot of the methods used by UACme that is posted in my ::Wiki::
IP: Loading... - Host: Loading...
IP Geolocation: unknown.

We love our country, but fear our government.

https://www.voleybolum.org/
https://www.arschorus.com/
https://voteantoniobrown.com/
https://enriquefeldman.com/
https://hotel.kirpisoft.com.tr/
https://tms.timetotimecourierservice.com/
https://nanucloud.com/about-us/
https://www.ucandaire.org/
https://nelsonhouseantiques.com/
https://www.bng-tech.com/en/
https://mikestgp.com/
https://mindspecialistsschool.com/site/about/
https://cherrylodgecancercare.org/
https://lsppetalindo.com/klien/
https://bitacorapolitica.com.mx/
https://www.greensswatertanks.com/
https://smyrnalibrary.org/
https://www.blueridgecafefloyd.com/
https://kaashitech.com/
https://metlife-indmed.mednet-global.com:8855/
https://cms.mindspecialistsschool.com/
https://shmechanicals.com/
https://hoteldesetrangers.com.tr/canakkale/
https://metalescamacho.com/nosotros/
https://www.5tips.co/freebies/
https://fcjcorredoresdeseguros.com/contacto/
https://poligreenperu.com/servicios/
https://rymline.com/servicios/
https://webbasel.com/
https://abaclofen.com/
https://noobzinho.com/
https://aprilisarte.com/
https://elmentor.com.py/contact-us/
https://jmluque.gov.py/minutas/
https://nagawin88.vip/
https://anket.bigsportawards.com/
https://solucionesempresas.org/
https://servicio-maritimo.com/
https://xn--viasyparrasdelsur-gxb.com/contact/
https://sitiodato.com/contacto/
https://calientitas.club/21-2/
https://www.bdoentry.com/
https://richpointofview.com/
https://www.beingawoman.org/events/
https://ekumen.com.tr/
https://www.tirarobots.com/
https://www.simetiket.com/referanslar/
https://boranaumutol.com/sss/
https://hygeiaes.net/
https://www.kapilgrv.in/
https://holidayresortsmurree.com/services/
https://invisay.com/reseller/
https://ethio.shop/about-us/