]HackingTeam[ KnowledgeBase Product
Search:     Advanced search

Multi browser exploit

Article ID: 211
Last updated: 26 May, 2015


This exploit targets:

  • Windows 7 (32 and 64 bit), Windows 8.0/8.1 (64 bit);
  • Chrome, Internet Explorer, Firefox (any recent version).


  • Adobe Flash (any recent version).

If some of the above requirements are not met, the agent will not be installed, while the website is correctly displayed.

No alert message is displayed when accessing the exploiting website, no user interaction is required but browsing the infecting URL. If the exploit is successful, the scout will start after the next logon or system reboot.

All the exploits are one-shot: the exploiting URL will try to exploit only the first user that browses it; all subsequent visitors will see the site content with no exploit.


We offer three different ways to deliver the exploit:

A) Hosted

We offer our anonymous network infrastructure to host a fake website that will infect the target and then redirect to a chosen website (e.g. http://www.cnn.com). The client sends us:

  • Silent Installer;
  • URL to redirect the user to (optional).

We send to the client:

  • a one-shot URL that must be sent to the target.


We provide an HTML snippet containing an iframe that loads the exploit code. Such code can be deployed in a custom website hosted by the client or using the TNI.

The exploit will be available only for a limited period of time, after 7 days it will automatically deactivate itself.

Article ID: 211
Last updated: 26 May, 2015
Revision: 2
document Public
Views: 4
Comments: 0
This article was:   Helpful | Not helpful
Prev   Next
Minimum requirements to test IE and Word/Powerpoint exploits     Office Exploits