Skip navigation.

wmf construction kit

| |

Thanks to one of our users we have a copy of the wmf construction kit.

There are lots of really obvious signatures from this kit so I find it less than useful. Metasploit is not that hard to use, comon!

00041A10 00443610 0 c:/mnt/samo/mingw/msys/mthr_stub.c

0003E402 00440002 0 Have fun
0003E41A 0044001A 0 ApacheEatsGnu
0003E432 00440032 0 ------visit
0003E454 00440054 0 Exploit by Metasploit Framework
0003E475 00440075 0 %s

This stuff is retained by the actual wmf files it outputs.

md5sum: 71514d3125f8fc1b544bdc2f018e145e
sha1sum: 68e7cf38f0309cea81c6fa907a922433005e08cb
sha256sum: 21efe67ef29ed14599a9bdda25640ff4a1e1d7b83ec37f4059389d209d0ea27d

C:\malware\wmfmaker>type start.bat
wmf-maker.exe evilshellcode.bin

info: 487583 Jan 6 00:53 wmf-maker.exe
wmf-maker.exe: MS Windows PE 32-bit Intel 80386 console executable not relocatable

On a side note, anyone thought about exploiting non windows os's with wmf?

like with cross over office or wine or maybe even open office (not sure about that)

could be interesting.


ive written an exploit

That I think will work on linux against wine. Unfortunatly my old rh 7.3 vmware's wine does not function so I need to work on a new (read less than 5 years old) version to test. Will post with results eventually but I'm fairly sure it will work.