Jump to content

MBAE doesn't block exploits based on Java add-on


ideriev
 Share

Recommended Posts

I used Metasploit to test MBAE Free and got mixed results:

- CVE-2014-0515 (Windows 7 SP1, IE 11, Flash Player 12) was successfully blocked

- but CVE-2013-2465 (Windows 7 SP1, IE 11, JRE 1.7u5) wasn't. And the same with some other similar Java-exploits.

What is the reason? Would support team like to comment?

 

mbae-logs.zip

Link to post
Share on other sites

Hi pbust.

Thanks for you answer and sorry for my delay.

I also have tried (through web interface Metasploit) 4 different combination of Target setting (Generic-Java payload/Windows Universal) and Payload type (Meterpreter/Command Shell). Actually MBAE didn't block only one of them - Generic+Meterpreter and was successful in three others.

Link to post
Share on other sites

  • 1 month later...
  • 2 months later...
  • Staff

Can you please try MBAE 1.05?

https://forums.malwarebytes.org/index.php?/topic/160317-mbae-experimental-10531010/

 

When you try this again please make sure that the Metasploit machine is physically different than the attacked machine. It is a known issue that when the payload is delivered from the same machine it does not behave the same way as if it is remote.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.