| Name | wp_samsung_kies |
| CVE | CVE-2012-3807 |
| Exploit Pack | White_Phosphorus |
| Description | Samsung Kies ActiveX Control Remote Code Execution |
| Notes | References: https://www.htbridge.com/advisory/HTB23099 CVE Name: CVE-2012-3807 VENDOR: Samsung Notes: This is a browser based client-side exploit - use it via httpserver. If you choose to host the exploit file on an independandant webserver you must remember to set a listener on port 5555. wp_smbserver_backdoor is used to serve the payload over an SMB share. Windows based CANVAS users must first disable the native Windows SMB server before running the module. On Windows 7 this is done by disabling the 'Server' and 'TCP/IP NetBIOS Helper' services and rebooting the system. Instructions: 1. Disable native SMB server and reboot 2. Run module via HTTPSERVER Repeatability: Unlimited Date public: 2012-10-15 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3807 CVSS: 6.8 |
| Learn more about the CANVAS Exploit Pack here: White_Phosphorus |