Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)
Switch branches/tags
Nothing to show
Clone or download
Latest commit ed013ba Jun 23, 2016
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
exploit Commit Jun 23, 2016
support Commit Jun 23, 2016
LICENSE Initial commit Jun 22, 2016
README.md Commit Jun 23, 2016

README.md

CVE-2016-0189

Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)

Tested on Windows 10 IE11.

Write-up

http://theori.io/research/cve-2016-0189

To run

  1. Download support/*.dll (or compile *.cpp for yourself) and exploit/*.html to a directory.
  2. Serve the directory using a webserver (or python's simple HTTP server).
  3. Browse with a victim IE to vbscript_bypass_pm.html.
  4. (Re-fresh or re-open in case it doesn't work; It's not 100% reliable.)