We're pleased to announce the official release of Core Impact Pro 2014 R2.4. More than 40 updates have been added thus far, and they are available through the regular update channel for all Core Impact customers.

Several new exploit modules have been released, including a remote exploit for MS15-011 that performs a MitM attack to obtain system privileges on computers joined to a domain; a local exploit for Ubuntu's apport utility (bundled by default) that is exploitable in both the latest available version (15.04) and the latest LTS version (14.04); a remote exploit that compromises an IBM Lotus Domino server using just a valid email account; and an XSS attack for WordPress that could allow server-side code execution if an administrator visits a blog post with a specially crafted comment. We also upgraded the existing SAINT importer to support version 8.0.

In addition to the above, this release also includes:

  • 11 remote exploits, including some for Oracle and IBM products
  • 2 client-side exploits, including one for Internet Explorer and one for Flash
  • 2 local exploits for Linux and 1 for Windows
  • 2 denial-of-service modules, including one for Android mobile devices
  • Several general updates, including improvements to the evasion mechanism for several antiviruses, enhancements for numerous Java exploits, and performance improvements to the Network Attack and Penetration module and also to existing reports


Published Modules:

Remote Exploits

  • AVG Remote Administration StoreServerConfig Command Remote Code Execution Exploit
  • Citrix NetScaler SOAP Handler Remote Code Execution Exploit
  • IBM Lotus Domino BMP parsing Buffer Overflow Exploit
  • IBM Tivoli Storage Manager FastBackMount GetVaultDump Buffer Overflow Exploit
  • Microsoft Windows Group Policy Remote Code Execution Vulnerability Exploit (MS15-011)
  • Microsoft Windows HTTP.sys Range Integer Overflow Memory Disclosure Exploit (MS15-034)
  • PhpMyAdmin Unserialize Remote Code Execution Exploit Update
  • OracleDB CSA Remote Code Execution Exploit AV Evasion Update
  • OracleDB DBMS AW.EXECUTE CDA Command Remote Stack Overflow Exploit
  • Schneider Electric ProClima MetaDraw ObjLinks Property Exploit Update
  • Ultra Mini HTTPD Stack Buffer Overflow Exploit Update 2

Client-Side Exploits

  • Adobe Flash Player shared ByteArray Use-After-Free Exploit Update
  • Microsoft Internet Explorer SetMouseCapture Use-After-Free Exploit Update

Local Exploits

  • Linux apport Race Condition Privilege Escalation Exploit
  • Microsoft Windows Win32k Privilege Escalation Exploit (MS15-010)
  • Symantec Endpoint Protection Kernel Pool Overflow Privilege Escalation Exploit
  • Ubuntu Linux USBCreator D-Bus Service KVMTest Privilege Escalation Exploit

Exploit Tools

SMB Relay Update

Denial of Service

  • Control Microsystems ClearSCADA Remote DoS Update
  • Android Wi-Fi Direct DoS

Cross Site Scripting (XSS)

Wordpress Comments XSS Exploit


Import Output from SAINT


  • Host Report Update
  • PCI Vulnerability Validation Report Enhancement
  • Vulnerability Validation Report Enhancement
  • Wellness report update


AV Evasion Improvements v3 Multiples Java Exploits AV Improvements OOP Server Update RPT Attack and Penetrate runtime improvement Quick Info Enhancement Update Exploit Modules Information Maintenance Setup Metasploit Integration Update CVE Database Update