Permalink
Browse files

Language on MS12-005

  • Loading branch information...
1 parent 99b9261 commit 15b674dab366e262b34446d081d1123c54bff1ac @todb todb committed Jun 13, 2012
Showing with 4 additions and 4 deletions.
  1. +4 −4 modules/exploits/windows/fileformat/ms12_005.rb
View
8 modules/exploits/windows/fileformat/ms12_005.rb
@@ -22,9 +22,9 @@ def initialize(info={})
This module exploits a vulnerability found in Microsoft Office's ClickOnce
feature. When handling a Macro document, the application fails to recognize
certain file extensions as dangerous executables, which can be used to bypass
- the warning message. This allows you to trick your victim into opening the
- malicious document, which will load up either a python or ruby payload based on
- your choosing, and then finally download and execute our executable.
+ the warning message. This can allow attackers to trick victims into opening the
+ malicious document, which will load up either a python or ruby payload, and
+ finally, download and execute an executable.
},
'License' => MSF_LICENSE,
'Author' =>
@@ -247,4 +247,4 @@ def exploit
---
> if ( IsProgIDInList(0, result, extList, 0x11u) || !SHGetFileInfoW(pszPath, 0x80u, &psfi, 0x2B4u, 0x110u) )
31c31
-=end
+=end

0 comments on commit 15b674d

Please sign in to comment.