Thursday, 18 May 2017

Microsoft Word zero-day exploit source code

Info: A remote code execution vulnerability (CVE-2017-0199) exists in Microsoft Word. Successful exploitation of this vulnerability could let an attacker take control of an affected system. An attacker could get a Metasploit Meterpreter session.

Source code:
Note: Source code is for security researchers and is maintained only for research purposes. Please use it for educational purposes.
   1. https://github.com/bhdresh/CVE-2017-0199
   2. https://www.rapid7.com/db/modules/exploit/windows/fileformat/office_word_hta
   3. https://github.com/Trietptm-on-Security/htattack

Verification: Verified by 0day Exploit Code Team.
Tested on Windows 10 (64-bit), Windows Server 2012 (64-bit), Windows 7 (64-bit) and Windows 8.1 (64-bit) with Microsoft Word 2010.

Patch:
   1. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199 
If you have any questions about this exploit, please feel free to ask.

Sunday, 14 May 2017

NSA leaked zero day exploit code

Info: A hacker group known as Shadow Brokers leaked NSA's exploit source code.

List of available plugin categories:
fb > help
Plugin Category: ImplantConfig
==============================
Name                      Version
----                      -------
Darkpulsar                1.1.0
Mofconfig                 1.0.0

Plugin Category: ListeningPost
==============================
Name                  Version
----                  -------

Plugin Category: Exploit
========================
Name                     Version
----                     -------
Easybee                   1.0.1
Easypi                    3.1.0
Eclipsedwing              1.5.2
Educatedscholar           1.0.0
Emeraldthread             3.0.0
Emphasismine              3.4.0
Englishmansdentist        1.2.0
Erraticgopher             1.0.1
Eskimoroll                1.1.1
Esteemaudit               2.1.0
Eternalromance            1.4.0
Eternalsynergy            1.0.1
Ewokfrenzy                2.0.0
Explodingcan              2.0.2
Zippybeer                 1.0.2

Plugin Category: Touch
======================
Name                          Version
----                         -------
Architouch                    1.0.0
Domaintouch                   1.1.1
Eclipsedwingtouch             1.0.4
Educatedscholartouch          1.0.0
Emeraldthreadtouch            1.0.0
Erraticgophertouch            1.0.1
Esteemaudittouch              2.1.0
Explodingcantouch             1.2.1
Iistouch                      1.2.2
Namedpipetouch                2.0.0
Printjobdelete                1.0.0
Printjoblist                  1.0.0
Rpctouch                      2.1.0
Smbtouch                      1.1.1
Webadmintouch                 1.0.1
Worldclienttouch              1.0.1

Plugin Category: Payload
========================
Name                     Version
----                     -------
Doublepulsar              1.3.1
Jobadd                    1.1.1
Jobdelete                 1.1.1
Joblist                   1.1.1
Pcdlllauncher             2.3.1
Processlist               1.1.1
Regdelete                 1.1.1
Regenum                   1.1.1
Regread                   1.1.1
Regwrite                  1.1.1
Rpcproxy                  1.0.1
Smbdelete                 1.1.1
Smblist                   1.1.1
Smbread                   1.1.1
Smbwrite                  1.1.1
 
Plugin Category: Special
========================
Name                        Version
----                        -------
Eternalblue                 2.2.0
Eternalchampion             2.0.0

Source code:  
Note: Source code is for security researchers and is maintained only for research purposes. Please use it for educational purposes.
   1. https://github.com/DonnchaC/shadowbrokers-exploits
   2. https://github.com/adamcaudill/EquationGroupLeak
   3. https://github.com/x0rz/EQGRP

Verification: Verified by 0day Exploit Code Team.
Tested on Windows 2008 Server (64-bit) and Windows 7 (64-bit).

Patch:
   1. https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/
   2. https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
If you have any questions about this exploit, please feel free to ask.