This module allows remote attackers to place arbitrary files on a temporary file system by abusing the LaunchInstaller() function from HSCRemoteDeploy module. Code execution can be achieved by first embedding the payload in a VBS file, and then request a HTA file, which executes the crafted VBS who creates and EXE with the agent included. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name