Drop ungenuine x64 support in ms13_022_silverlight_script_object #4798
The MS13-022 exploit does not actually run as x64. IE by default still runs 32-bit so BES will always automatically select that target.
If IE forces x64 (which can be done manually), the BES detection code will see it as ARCH_X86_64, and the payload generator will still end up generating an x86 payload anyway.
If the user actually chooses an x64 payload, such as windows/x64/meterpreter/reverse_tcp, the exploit is going to crash because you can't run x64 shellcode in a 32-bit payload or process.
I pointed out this issue yesterday with @jvazquez-r7, plus he worked on this module, so I'd like to assign this PR to him to verify.
Test
./msfconsole -x "use exploit/windows/browser/ms13_022_silverlight_script_object; run"