Decidedly Gray decidedlygray

Security Researcher, Pentester of networks/IoT/apps/whatever. https://keybase.io/decidedlygray

48 followers · 41 following

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

righettod / log4shell-payloads.md

Last active December 18, 2023 06:41

List of log4shell payloads seen on my twitter feeds

Objective

This gist gather a list of log4shell payloads seen on my twitter feeds.

💨 I will update it every time I see new payloads.

The goal is to allows testing detection regexes defined in protection systems.

⚠️ ⚠️ ⚠️

tothi / ms-msdt.MD

Last active February 7, 2025 12:01

The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.

OlderNewer