Carding Forum, Carders Forum, Hackers Forum, Darknet Fraud, Best Hackers, Underground Hacking Forum
× You can find our backup domain links in case our current one becomes inaccessible at: www.cardingforum.link Forum Support Private Message Quata

REGISTER LOGIN REGISTER LOGIN




FORUM ESCROW BITCOIN ADDRESS | BUY ADVERTISEMENT | BECOME A VERIFIED VENDOR | Forum Support Private Message Quata

iphone carding   westernunion carding   Bank Transfers, PayPal Skrill Hacked   Hacked Carded Western Union, Bank Transfer, Money Gram Transfers

PayPal carding

 credit card forum
 Payoneer carding 
  • 40 Vote(s) - 2.78 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Microsoft Office Word Exploits universal .doc exploit-pack
#1
Heart 
This thread was last edited: 17 days ago

MICROSOFT WORD INTRUDER (MWI)

MWI - professional "means of delivery", the exploit pack on the basis of a number of the most urgent one-day vulnerabilities in the products of Microsoft Office Word. Document generated MWI may contain exploits with up to 4 at once:

1. CVE-2010-3333
2. CVE-2012-0158
3. CVE-2021-3906
4. CVE-2021-1761

And updates private exploits to clients

Executable .exe file may be contained in the body of the document itself, and extend the link to the web-server. What distinguishes this exploit from all other solutions:

Uniqueness MWI - this is the only solution on the market .doc exploits,
which represents multieksployt and attack multiple vulnerabilities simultaneously.
This approach increases the chances of success and allows to attack two vectors update:
Operating system and Office suite of applications itself.VersatilityMWI covers almost the whole
range of versions of Microsoft Office: Word XP, Word 2003, Word 2007, Word 2010. Each exploit
is implemented to be able to attack as much as possible the vulnerable versions
and operating systems. Coverage of vulnerable systems MWI favorably with all alternatives.

Exploit the most independent of all sorts of conditions for a successful attack: whether the version of the software installed in the system or certain defenses OS. Each stage of exploit careful attention to detail.Bypass protectionExploit the most complicates their detection: each element is protected from the exploit detected by a complex of means: from the banal to the polymorphism of obfuscation and encryption. Each generated exploit has its own unique signature, maximum randomized structure and data. In addition to the counter signature methods exploit uses a variety of methods to bypass proactive (behavioral) detection equipment. In particular, the launch .exe-file made from a trusted system process context.Support and continuous developmentMWI for a wide audience was introduced to the market, although its first versions were created and used in a rather narrow circle of people. The project progressively refine and improve, acquiring new exploits and modules vkontse fully formed to exploit the whole pack with a flexible, modular architecture. The project is constantly evolving and not static. We regularly release updates that make cleaning supplement exploit pack new exploits and modules. We are committed to long-term cooperation.

innovation

Additional Information:

CVE-2010-3333: RTF pFragments Stack Buffer Overwrite Remote Code Execution Exploit [MS10-087]

EXPLOITABLE WORD VERSIONS:    
Word 2003 32-bit XP, Vista, Win7, Win8 32 & 64 bit
Word 2007 32-bit XP, Vista, Win7, Win8 32 & 64 bit
Word 2010 32-bit XP, Vista, Win7, Win8 32 & 64 bit

VULNERABLE MODULE PATHS:
Word 2003 C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll
Word 2007 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll
Word 2010 C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll

PATCHES:
Word 2003 mso.dll 11.0.8329.0000
Word 2007 mso.dll 12.0.6545.5004
Word 2010 mso.dll 14.0.5128.5000

alternative solutions: Complete versatility and reliability, the only universal and real working solution

CVE-2012-0158: MSCOMCTL.OCX ListView Stack Buffer Overwrite Remote Code Execution Exploit [MS12-027]
EXPLOITABLE WORD VERSIONS:
Word 2003 32-bit XP, Vista, Win7, Win8 32 & 64 bit
Word 2007 32-bit XP, Vista, Win7, Win8 32 & 64 bit
Word 2010 32-bit XP, Vista, Win7, Win8 32 & 64 bit

VULNERABLE MODULE PATHS:
C:\WINDOWS\system32\MSCOMCTL.OCX
C:\Windows\SysWOW64\MSCOMCTL.OCX

EXPLOITABLE VERSIONS: 
MSCOMCTL.OCX 6.01.9545
MSCOMCTL.OCX 6.01.9782
MSCOMCTL.OCX 6.01.9786
MSCOMCTL.OCX 6.01.9813
MSCOMCTL.OCX 6.01.9816
MSCOMCTL.OCX 6.01.9818

PATCHES:
MSCOMCTL.OCX 6.01.9833
MSCOMCTL.OCX 6.01.9834

* the vulnerability is not present in some assemblies MSOffice, do not support ActiveX, such as Office 2010 Starter, and various pirate assemblies, where the module MSCOMCTL.OCX just missing.


CVE-2021-3906: TIFF Heap Overflow via Integer Overflow [MS13-096]
EXPLOITABLE WORD VERSIONS:
Word 2007 32-bit XP, Vista, Win7  32 & 64 bit
Word 2010 32-bit XP              32 bit

*the exploit is based on technology heap-spray

1. EXPLOITATION OF OGL.DLL (Office 2007)

VULNERABLE MODULE PATHS:
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\OGL.DLL 

EXPLOITABLE:
OGL.DLL 12.0.6509.5000
OGL.DLL 12.0.6420.1000
OGL.DLL 12.0.6420.1000
OGL.DLL 12.0.6415.1000
and others

PATCHES:
OGL.DLL 12.0.6700.5000
OGL.DLL 12.0.6688.5000
OGL.DLL 12.0.6679.5000
OGL.DLL 12.0.6659.5000
OGL.DLL 12.0.6604.1000

2. EXPLOITABLE VERSIONS OF OGL.DLL (Office 2010 + XP)

VULNERABLE MODULE PATHS:
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OGL.DLL

EXPLOITABLE:
OGL.DLL 4.0.7577.4098
OGL.DLL 4.0.7577.4392
and others

PATCHES:
OGL.DLL 4.0.7577.4415

difference ga me from all the alternative solutions: - speed heap-spray - Universality (the attack immediately to the office2007 + office2010) - Universal ROP once for the two versions MSCOMCTL.OCX 983x - Opportunities for further cleansing and exploit obfuscation - Minimum detectable exploit (exploit only in RTF)

CVE-2021-1761: RTF ListOverrideCount Memory Corruption / Object Confusion [MS14-017]
EXPLOITABLE WORD VERSIONS:
Word 2010 32-bit Win7, Win8

VULNERABLE MODULE PATHS:
C:\Program Files\Microsoft Office\Office14\wwlib.dll

EXPLOITABLE:
wwlib.dll 14.0.4762.1000
and others

PATCHES:
wwlib.dll 14.0.7121.5004

alternative solutions: - Support for windows 8/10 - Undetectable exploit

[Image: 055b555397f787424abb4afab05ce1ae.png]

MWISTAT 2.0: statistic Web-server statistics mwistat allows to conduct complete statistics of exploit, from logging when and how much was open document or booted .exe-file from any IP-address and some other information, such as User-Agent.Menu:FILES - downloadable .exe-fileLOGS - logsSTATS - StatisticsTOOLS - ext. Tools (IP-whois)Section FILES is a table with the following columns:FILE_ID - file identifier (8 digits)FILE_NAME - the name of the .exe fileFILE_DATE - date file downloadFILE_STAT_URL - so-called "stat" for a link to this file (specified in bildere)FILE_LOGS - buttons to see logs / statistics on the file (LOGS | STATS)ACTION - a button to download, edit (reupload), delete the file (GET | EDIT | DEL)ADD NEW FILE button allows you to download .exe-file to the server.Section LOGS is a table with the following columns:DATE_TIME - date and time of the request (when you are sorted by time in reverse order)FILE_ID - file identifier (8 digits)IP_ADDRESS - IP-addressIP_INFO - the country, the flag (when pressed displays all IP-whois information)ACTION - is of three kinds:   1. OPEN - opening a document.   2. LOAD - the download .exe file. if marked with failed - .exe-file has been deleted from the server and was not loaded.   3. SUSP or SUSPICIOUS - a suspicious request. it may be hacking attempts or other activities of hackers, antivirus companies, researchers and other undesirables.USER_AGENT - Field HTTP-package User-AgentGET_DATA - GET parameters passed to id and act HTTP-requestCLEAN STATS button allows you to clear all the logs and statistics.Section STATS - several tables.Statistics on requests:TOTAL REQUESTS - all received requests to the serverOPENED - of these requests is openLOADED - loadedSUSPICIOUS - suspicious requestsStatistics on the unique IP-addresses:TOTAL IPs - all unique IP-addressesOPENED - openLOADED - loadedSUSPICIOUS - suspicious requestsTOTAL% - the percentage of punchingStatistics on the unique IP-addresses (extended list attacked IP)IP-ADDRESS - IP-address (when pressed - to view all the requests from this IP)IP-INFO - the country, the flag (when pressed displays all IP-whois information)OPENED - of these requests is openLOADED - loadedSUSPICIOUS - suspicious requestsCLEAN STATS button also allows you to clear all the logs and statistics.TOOLS section contains IP-whois service - enter the IP, and click whois obtain the required information.

Estimated price for the builder: $ 300 
there are more budget options (trimmed assembly) standart price $ 50

Multi Pack Price = 300$

on technical matters, if you already have a product developer if you want to purchase the product and have questions, please write here:

Accept PerfectMoney and BTC Bitcoin

icq =   687268202
jabber =  [email protected]
Reply
Paid adv. expire in 34 days
CLICK to buy Advertisement !

    Verified & Trusted HACKED CARDED WESTERN UNION, MONEYGRAM & BANK TRANSFERS

#2
Updates
Reply
#3
Any feedback
Reply
#4
(Today, )darkside1738 Wrote: Any feedback

i'm interested...escrow welcome???
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [Must Read] Learn to exploit this website glitch and make free money generousman 1 7,030 Today,
Last Post: Nick
  New Exploit | For Newbie's Venak 8 13,738 Today,
Last Post: cess
  Vulnerable website to exploit bitcoins cess 0 5,355 Today,
Last Post: cess
  OFFICE EXPLOIT 2021 silent.exploit2015 1 7,164 Today,
Last Post: maclion
  How do we Exploit. Venak 1 6,916 Today,
Last Post: davidhunt

Forum Jump:


Users browsing this thread: 32 Guest(s)