![]() One of the ways AA can connect is via a relay in the cloud run by Ammyy. This exploit has tested against many configurations, (Windows Vista and 7 32 and 64 bit) but so far it has been tested only on isolated networks. ![]() ![]() Aaexploit.exe automates the extraction of the AA executable and dll and injection of the DLL. ![]() This is done to avoid re-implementing AA's complex outer encryption wrapper, and allow for multiple connection types (although only one has been tested). The exploit is actually launched from a DLL injected into a copy of AA, which hooks AA's data send functions, replacing them with the exploit data. The MSF module generates a file “exploit.dat” that you will copy along with aaexploit.exe to a computer or VM to launch the exploit from. This package includes two main parts: a fully commented Metasploit module, and the “aaexploit.exe” launcher. It has been written for and tested against the latest version of Ammyy Admin. The 0-day works from the "controlled" end when someone tries to connect to you, asking to control your computer, you send back the exploit and take over the controller. It claims to be used by tens of millions of people. This exploit is an 0day in Ammyy Admin () a remote desktop type software that is well known for being the software that many fake tech support phone scammers used on their victims.
0 Comments
Leave a Reply. |