what should we do to execute the other program?

hacksysteam / CVE-2022-28672

Foxit PDF Reader Remote Code Execution Exploit

https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672

GNU General Public License v3.0

115 stars 25 forks source link

what should we do to execute the other program? #2

Open Amateras123 opened 3 months ago

Amateras123 commented 3 months ago

i 've been with your JITShellCode which is made for executing calc , but i just wanna know that if i wanna execute the other programs instead of calc such as notepad.exe , then what and how can i change the code for this purpose ?

hacksysteam commented 3 months ago

Hi @Amateras123 the shellcode needs to be updated here https://github.com/hacksysteam/CVE-2022-28672/blob/6a42055fbe1a6f90c849be9210491453277da119/rce.js#L17

Read the blogpost to find out how to craft such shellcode