PoC Code Available for Microsoft Edge Remote Code Execution Bug

itman · Nov 18, 2018

aigle said: ↑

Anyone knowsif any new POC is available?
Click to expand...

Find the guy a job and he will owe you ……….. Hopefully he will find one before the "Dark Side" uses his talents.

Yushi Liang‏ @Yux1xi Oct 22

Looking for a job (remote) need a stable work, tired of selling my research for cheap payouts, i did exploit dev & training (browsers most time) for last 2 years. please DM me with offers
Click to expand...

https://twitter.com/Yux1xi

Rasheed187 · Nov 24, 2018

aigle said: ↑

BTW I tried it with MBAE and no peep from it so it seems that anti-exploits are also useless against zero day exploits just as AVs are useless against zero day malware.
Click to expand...

Wait a minute, say what? So it didn't stop it from executing calc.exe? That's why anti-exe is still one the best solutions against exploits. Same goes for third party sandboxes, if Edge was protected with SBIE ithe malware would have been contained. But Edge can't be sandboxed of course.

aigle · Nov 28, 2018

Rasheed187 said: ↑

Wait a minute, say what? So it didn't stop it from executing calc.exe?
Click to expand...

yes

Rasheed187 · Dec 1, 2018

aigle said: ↑

yes
Click to expand...

Now that I think of it, this exploit is not based on memory corruption, so probably that's why MBAE didn't stop it. I'm guessing that HMPA will also not stop it.

guest · Dec 27, 2018

Demo Exploit Code Published for Remote Code Execution via Microsoft Edge
December 27, 2018
https://www.bleepingcomputer.com/ne...for-remote-code-execution-via-microsoft-edge/

Exploit code demonstrating a memory corruption bug in Microsoft's Edge web browser has been published today by the researcher that discovered and reported the vulnerability in the first place. The code can lead to remote code execution on unpatched machines.

The proof-of-concept code has 71 lines and results in an out-of-bounds (OOB) memory read leak; the effect may not appear that damaging but an attacker can modify the demo exploit to achieve a more harmful outcome.

I published the PoC for CVE-2018-8629: a JIT bug in Chakra fixed in the latest security updates. It resulted in an (almost) unbounded relative R/W
— Bruno @ C3 (@bkth_) December 27, 2018
"Chakra failed to insert value compensation which causes the headSegmentsym to be reloaded but not the headSegmentLength sym, we, therefore, accessed the new buffer with the wrong length checked," explains a comment in the demo code.
Unpatched systems at risk
"In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website," Microsoft notes in its advisory this month.
Click to expand...

Log in or Sign up

PoC Code Available for Microsoft Edge Remote Code Execution Bug

itman Registered Member

Rasheed187 Registered Member

aigle Registered Member

Rasheed187 Registered Member

guest Guest

Log in or Sign up

PoC Code Available for Microsoft Edge Remote Code Execution Bug

itman Registered Member

Rasheed187 Registered Member

aigle Registered Member

Rasheed187 Registered Member

guest Guest

Useful Searches