Published on January 22nd, 2020
KeePass 2.44 – Denial of Service (PoC)
# Exploit Title : KeePass 2.44 - Denial of Service (PoC)
# Product : KeePass Password Safe
# Version : < 2.44
# Date: 2020-01-22
# Vendor Homepage: https://keepass.info/
# Exploit Author: Mustafa Emre Gül
# Website: https://emregul.com.tr/
# Tested On : Win10 x64
# Description : The free, open source, light-weight and easy-to-use password manager.
PoC:
Open KeePass > Help > About KeePass > Help (any local help area) > Drag&Drop HTML File
Save the contents to html.
Payload-1:
(DoS & Run Cmd)
Payload-2:
(run iexplorer.exe & download infected file)