




Microsoft Office 0day for sale real 100%
Thread Owner : OSH2021,
Category : Sellers Market,
0 Comment,
447 Read
09-18-2021, 05:48 PM
demo : https://streamable.com/iqoxxc
protected view bypass : https://streamable.com/pr772b
this is my github : https://github.com/MasterSploit
mail : darkc0d3s@protonmail.com
Quote: info:

1. Item name : Microsoft Office

2. Affected OS:

Windows 7 32/64bit , Windows 8.1 32/64bit , Windows 10 32/64bit

3. Vulnerable Target application versions and reliability. If 32 bit only, is 64 bit vulnerable?

Microsoft Office 2007 SP3
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 RT Service Pack 1 0
Microsoft Word 2010 Service Pack 2 (64-bit editions) 0
Microsoft Word 2010 Service Pack 2 (32-bit editions) 0
Microsoft Office 2010 (64-bit edition) SP2
Microsoft Office 2010 (32-bit edition) SP2
Microsoft Word 2016 Service Pack 1 (64-bit editions)
Microsoft Word 2016 Service Pack 1 (32-bit editions)
Microsoft Office: 365 ProPlus

4. Does this exploit affect the current target version?

[ - ] No

5. Privilege Level Gained

[ - ] Medium

6. Minimum Privilege Level Required For Successful PE

[ - ] Medium

7. Exploit Type (select all that apply)

[ - ] Remote code execution

8. Delivery Method

[ - ] Via file

9. Bug Class

[ - ] memory corruption

12. Number of bugs exploited in the item: 2

13. Exploitation Parameters

[ - ] Bypasses ASLR
[ - ] Bypasses DEP / W ^ X
[ - ] Bypasses EMET Version 5.52±

14. Is ROP employed?

[ - ] Yes (but without fixed addresses)

More info after purchase , ROP chain is located in msvcr71.dll library.

15. Does this item alert the target user?

NO , Completely Hidden shellcode Execution.

16. How long does exploitation take, in seconds?

5.2mil

17. Does this item require any specific user interactions?

NO , RCE without any interactions from target.

18. Any associated caveats or environmental factors? For example - does the exploit determine remote OS/App versioning, and is that required?

NO, it does not determine any app version; if it is not the affected app version it will cause DOS.

19. Does it require additional work to be compatible with arbitrary payloads?

[ - ] Yes

The exploit uses the heap spray technique in order to execute arbitrary code

20. Is this a finished item you have in your possession that is ready for delivery immediately?

[ - ] Yes

21. Impact on framework (crashes, etc.).

Microsoft Office 2007 SP3 = no crash + perform the heap spray and execute a shellcode
Microsoft Word 2013 Service Pack 1 (64-bit editions) = APP crash + perform the heap spray and execute a shellcode
Microsoft Word 2013 Service Pack 1 (32-bit editions) = no crash + perform the heap spray and execute a shellcode
Microsoft Word 2013 RT Service Pack 1 0 = no crash + perform the heap spray and execute a shellcode
Microsoft Word 2010 Service Pack 2 (64-bit editions) 0 = no crash + perform the heap spray and execute a shellcode
Microsoft Word 2010 Service Pack 2 (32-bit editions) 0 = no crash + perform the heap spray and execute a shellcode
Microsoft Office 2010 (64-bit edition) SP2 = no crash + perform the heap spray and execute a shellcode
Microsoft Office 2010 (32-bit edition) SP2 = no crash + perform the heap spray and execute a shellcode
Microsoft Word 2016 Service Pack 1 (64-bit editions) = APP crash + perform the heap spray and execute a shellcode
Microsoft Word 2016 Service Pack 1 (32-bit editions) = no crash + perform the heap spray and execute a shellcode
Microsoft Office: 365 ProPlus = APP crash + perform the heap spray and execute a shellcode

Other information : shellcode uses an incremental XOR to decode the malware and then performs permutation on the first 512 bytes (to avoid PE detection)