Vulnerability & Exploit Database

Back to search

Windows TrackPopupMenuEx Win32k NULL Page

This module exploits a vulnerability in win32k.sys where under specific conditions TrackPopupMenuEx will pass a NULL pointer to the MNEndMenuState procedure. This module has been tested successfully on Windows 7 SP0 and Windows 7 SP1.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/windows/local/ms13_081_track_popup_menu

Authors

  • Seth Gibson
  • Dan Zentner
  • Matias Soler
  • Spencer McIntyre

References

Targets

  • Windows 7 SP0/SP1

Platforms

  • windows

Architectures

  • x86

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/windows/local/ms13_081_track_popup_menu msf exploit(ms13_081_track_popup_menu) > show targets ...targets... msf exploit(ms13_081_track_popup_menu) > set TARGET <target-id> msf exploit(ms13_081_track_popup_menu) > show options ...show and set options... msf exploit(ms13_081_track_popup_menu) > exploit

Related Vulnerabilities