CVE-2017-8759 | Exploit toolkit CVE-2017-8759 - v1.0 is a handy python | Security Testing library

by bhdresh Python Version: v1.0 License: No License

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | CVE-2017-8759 Summary

CVE-2017-8759 is a Python library typically used in Testing, Security Testing applications. CVE-2017-8759 has no bugs, it has no vulnerabilities and it has low support. However CVE-2017-8759 build file is not available. You can download it from GitHub.

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

Support

Quality

Security

License

Reuse

Support

CVE-2017-8759 has a low active ecosystem.

It has 309 star(s) with 122 fork(s). There are 22 watchers for this library.

It had no major release in the last 12 months.

There are 3 open issues and 4 have been closed. On average issues are closed in 0 days. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of CVE-2017-8759 is v1.0

Quality

CVE-2017-8759 has 0 bugs and 0 code smells.

Security

CVE-2017-8759 has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

CVE-2017-8759 code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

CVE-2017-8759 does not have a standard license declared.

Check the repository for any license declaration and review the terms closely.

Without a license, all rights are reserved, and you cannot use the library in your applications.

Reuse

CVE-2017-8759 releases are available to install and integrate.

CVE-2017-8759 has no build file. You will be need to create the build yourself to build the component from source.

Installation instructions are not available. Examples and code snippets are available.

Top functions reviewed by kandi - BETA

kandi has reviewed CVE-2017-8759 and discovered the below as its top functions. This is intended to give you an instant insight into CVE-2017-8759 implemented functionality, and help decide if they suit your requirements.

Parse arguments .
Main thread .
Start the RTF server .
Generate the malicious RTF .

Get all kandi verified functions for this library.

CVE-2017-8759 Key Features

No Key Features are available at this moment for CVE-2017-8759.

CVE-2017-8759 Examples and Code Snippets

No Code Snippets are available at this moment for CVE-2017-8759.

Community Discussions

Trending Discussions on CVE-2017-8759

How Microsoft Hides C# Internal Classes from a DLL's Metadata?

QUESTION

How Microsoft Hides C# Internal Classes from a DLL's Metadata?

Asked 2020-Apr-28 at 15:24

It all started when I wanted to analyze the code around CVE-2017-8759. I knew that the fix for the CVE was in a class named WsdlParser.cs inside System.Runtime.Remoting.dll which is part of the .Net Framework. You probably have this dll on your computer at a location similar to:

C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework.NETFramework\v4.7\System.Runtime.Remoting.dll

I used ilspycmd to re-assemble the code back to C#, and noticed that the WsdlParser.cs was missing in the output directory:

I later used CFF Explorer and saw that this type is indeed missing in the metadata in TypeDefs:

However, I know for a fact that this class is there:

It's in Microsoft's documentation: https://referencesource.microsoft.com/System.Runtime.Remoting/metadata/wsdlparser.cs.html
When using reflection and LoadAssembly() I was able to find the class:
...

ANSWER

Answered 2020-Apr-28 at 15:24

What you've found is a Reference Assembly. There's a big clue to that in the path you found it in.

Reference assemblies are a special type of assembly that contain only the minimum amount of metadata required to represent the library's public API surface. They include declarations for all members that are significant when referencing an assembly in build tools, but exclude all member implementations and declarations of private members that have no observable impact on their API contract.

(My emphasis)

And:

Generating reference assemblies for your libraries can be useful when your library consumers need to build their programs against many different versions of the library. Distributing implementation assemblies for all these versions might be impractical because of their large size. Reference assemblies are smaller in size, and distributing them as a part of your library's SDK reduces download size and saves disk space.

No magic, just a publicly documented means of distributing smaller files when the full file isn't required.

These assemblies are used at compile time, but not at runtime. For that you need an implementation assembly, which will be supplied by other means, such as it having been placed in the GAC.

Source https://stackoverflow.com/questions/61483217

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install CVE-2017-8759

You can download it from GitHub.
You can use CVE-2017-8759 like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: