We are pleased to announce the official release of Core Impact Pro 2014 R1.3 today, July 10. More than 50 updates have been added thus far, and are available through the regular update channel for all Core Impact customers who have upgraded to the latest version. Core Impact logo In this release we added enhancements to existing modules as well as new ones, such as:

  • Added cross architecture injection functionality between i386 and x86-64 processes
  • Expanded the platform support coverage for "Install Agent using WMI"
  • Updated the list of CVEs targeted by Metasploit
  • Improved the Client Side Phishing Attack module when it tries to get the SMB Encrypted credentials from the attacked machine
  • 15 client side exploits, including some for IE, Flash and Adobe Reader
  • 8 remote exploits, including some for Apache and OpenSSL
  • 3 local exploits for Windows and 1 for Linux
  • 2 denial-of-service modules for Windows

Here is the complete list of published modules: Client Side Adobe Flash Player Pixel Bender Exploit Adobe Reader X XFA BMP RLE Heap Corruption Exploit Microsoft Internet Explorer CDisplayPointer Use-After-Free Exploit (MS13-080) Microsoft Internet Explorer CMarkup Object Use-After-Free Exploit(MS14-021) AT&T Connect Participant Application SVT File Exploit Borland Silk Central TeeChart ActiveX Control AddSeries Untrusted Pointer Exploit HP LoadRunner lrFileIOService ActiveX WriteFileString Exploit IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Second Buffer Overflow Exploit IcoFX Buffer Overflow Exploit Publish-It PUI File Buffer Overflow Exploit QuickView Plus Client vsacs Buffer Overflow Exploit Schneider Electric OFS Client Buffer Overflow Exploit WellinTech KingScada kxClientDownload ActiveX Exploit Wireshark MPEG File Parser Buffer Overflow Exploit WinRAR Filename Spoofing Exploit Remote exploit Apache Struts ClassLoader Manipulation Remote Code Execution Exploit Catia CATSV5 Backbone Remote Buffer Overflow Exploit Dassault Systemes Catia CATV5_Backbone_Bus Buffer Overflow Exploit HP SiteScope issueSiebelCmd Remote Code Execution Exploit OpenSSL ChangeCipherSpec Message Vulnerability Checker Yokogawa Centum CS 3000 BKBCopyD Remote Buffer Overflow Exploit Yokogawa Centum CS 3000 BKHOdeq Remote Buffer Overflow Exploit WellinTech KingSCADA AEServer Buffer Overflow Exploit AVTECH DVR Camera Administration Login Console Captcha Bypass Exploit Local Microsoft Windows Kernel NDProxy Vulnerability Exploit (MS14-002) Microsoft Windows Shell File Association Vulnerability Exploit (MS14-027) Linux sudo env_reset Privilege Escalation Exploit Denial of Service Microsoft Windows Win32k Information Disclosure Vulnerability DoS (MS14-015) Microsoft Windows TCP TimeStamp Option Vulnerability DoS (MS14-031) Other Network Vulnerability Scanner Validator Wizard Update ClientSide Phishing Attack - SMB Credentials Grabber Update Cross architecture injection Install Agent Using WMI Network Vulnerability Scanner Validator Wizard Update Vulnerability Scanner Validator Wizard Update Supported services list update Metasploit Framework CVE Update Exploitlib utils update SMB Encrypted Credentials Exporter Exploits modules assorted fixes win32api library improvements Metasploit Framework CVE Update Windows Admin Search Update WMI Shell Update Client-Side Phishing Improvements OOP_Server Update As usual, your feedback and questions are greatly appreciated. Please send us your questions and suggestions that will help us develop an even better product. Email us at info@coresecurity.com Pablo Andres Rubinstein Director of QA and L3 for Core Impact Professional