TUCoPS :: Windows :: v7-2268.htm

WMF: New Metasploit Framework Module
WMF: New Metasploit Framework Module
WMF: New Metasploit Framework Module


We just released a new version of the Metasploit Framework exploit module 
for the Escape/SetAbortFunc code execution flaw. This module now pads the 
Escape() call with random WMF records. You may want to double check your 
IDS signatures -- most of the ones I saw today could be easily bypassed 
or will false positive on valid graphic files.

Available via msfupdate, the 2.5 snapshot, or straight from the web site:
http://metasploit.com/projects/Framework/exploits.html#ie_xp_pfv_metafile 

-HD

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH