Skip to content
Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)
Branch: master
Clone or download
Latest commit 03b9eb6 Jan 4, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
exploit
LICENSE
README.md Update README Jan 4, 2017

README.md

chakra.dll Info Leak + Type Confusion for RCE

Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)

Tested on Windows 10 Edge (modern.ie stable).

FillFromPrototypes_TypeConfusion.html: WinExec notepad.exe

FillFromPrototypes_TypeConfusion_NoSC.html: 0xcc (INT 3)

To run

  1. Download exploit/FillFromPrototypes_TypeConfusion.html to a directory.
  2. Serve the directory using a webserver (or python's simple HTTP server).
  3. Browse with a victim IE to FillFromPrototypes_TypeConfusion.html.
You can’t perform that action at this time.