hs anyone review it? As op says it does take a lot of error and trial to undetect.
CVE 2017-8570 to CVE 2017-11882 RE-BRANDED
#81
Posted 27 May 2019 - 04:11 AM
#82
Posted 27 May 2019 - 05:52 PM
I shared my experience days ago about my team and i working to REFUD custom CVE some cluelessly said all manners of rubbish.
This is link to my thread https://www.nulled.t...loit-by-my-team
Now am going to show you a sample of a custom CVE
This is a file given to my group which is 21/32
Now after playing around we could clean it up to 6/32
Also some people said 2017-11882 is patched
Answer is "YES" but 11882 executes when the memory allocated is corrupted then it has 4.523 secs to execute command line.
But when you drop it from another RTF it has 8.193 secs to execute. Since microsoft words opens a WBK file. We just rename extension to plugin.wbk as seen below.
Here comes the trick to bypass Microsoft Patch. This was sold on the dark web for 4000 AED.
Everyone is now unto CVE 2018-0802, CVE 2018-8414, CVE 2018-8714 but the secret is that non works as much as CVE 11882. All you have to do is embed into CVE 2017-8570
CVE 2017-8570 is fully silent and FUD/UD in some cases. All attachable via any mail server, any email client and any chat forum.
CVE 2017-8570
This link above proves that it works on an updated PC as of 09/14/2018
app.any.run PC are always updated and patch installed.
Now i will explain deeper. CVE 2017-8570 downloads CVE 2017-11882 as plugins.wbk and executes a HTA command which is asked to download a crypted LOKI bot and executed silently.
This technique got me closely 200 bots in 2 days via email spreading
My Bot Chart:
My Total Bots in 2days:
So please for those saying exploits sellers are all SCAMS and FAKE. This is prove that FUD/UD exploits still exists. Just do the right research
My team is looking forward to more customers from nulled.
Got an issue with SMTP? Get my PMTA guide here
https://www.nulled.t...0-inbox-rate/ Unlimited SMTP until the VPS is shutdown by its administrator.
ok thanks for share!!!
Users browsing this thread: