https://github.com/mykhis/slient-url-exploit

URL Contamination Exploit Muted Java Drive-By downloads can transpire during the act of perusing a website, inaugurating an electronic mail communication.
https://github.com/mykhis/slient-url-exploit

cve cve-2021-44228 cve-scanning exploit exploit-code exploit-database exploit-development exploit-exercises exploit-kit exploitation exploitation-framework slient-doc-exploit slient-exploit slient-exploit-builder slient-hta-exploit slient-jpg-exploit slient-pdf-exploit slient-png-exploit slient-url-exploit

Last synced: 9 days ago
JSON representation

URL Contamination Exploit Muted Java Drive-By downloads can transpire during the act of perusing a website, inaugurating an electronic mail communication.

• Host: GitHub
• URL: https://github.com/mykhis/slient-url-exploit
• Owner: Mykhis
• License: mit
• Created: 2024-11-16T08:28:51.000Z (3 months ago)
• Default Branch: main
• Last Pushed: 2025-01-26T04:10:48.000Z (11 days ago)
• Last Synced: 2025-01-26T04:19:39.354Z (11 days ago)
• Topics: cve, cve-2021-44228, cve-scanning, exploit, exploit-code, exploit-database, exploit-development, exploit-exercises, exploit-kit, exploitation, exploitation-framework, slient-doc-exploit, slient-exploit, slient-exploit-builder, slient-hta-exploit, slient-jpg-exploit, slient-pdf-exploit, slient-png-exploit, slient-url-exploit
• Language: C#
• Size: 1.79 MB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE

Awesome Lists containing this project

README

        


# URL Exploit Hidden Downloader

URL contamination and muted Java drive-by downloads can occur during various online activities such as browsing websites, opening emails, or interacting with malicious pop-up windows disguised as system error messages.

- Key Points:

  User Consent Illusion: Users may appear to have given "consent" for the download, but they are often unaware that malicious software is being downloaded.

  Drive-By Downloads: While browsing a compromised website, users can fall victim to drive-by downloads, where malicious code is executed without their knowledge, exploiting browser or plugin vulnerabilities.

  Execution of Malicious Code: The downloaded material can execute harmful code without the user's awareness, leveraging weaknesses in the browser or its plugins.

  Drive-By Installation: Similar to drive-by downloads, this involves the setup and execution of malicious content by the attacker.

- Attack Process:

  Configuration: The attacker configures malicious material to execute the assault.

  Hosting: The attacker hosts the malicious content on a personal server or compromises a legitimate website to distribute the content.

  Client Interaction: When the content loads, the attacker analyzes the client's trace to craft code that exploits specific vulnerabilities.

  Exploitation: The attacker uses these vulnerabilities to initiate the drive-by download attack.

- Techniques Used:

  API Exploitation: Exploiting API calls intended for plugins.

  Shell Code Injection: Writing shell code into memory and using browser or plugin vulnerabilities to execute it, allowing further malicious actions like data exfiltration or malware deployment.

## How to Use

- Download the project to your computer as zip

- Extract Project to Folder.

- Make Sure You Have Visual Studio Installed on Your Computer

- [Click if Visual Studio is Not Installed](https://visualstudio.microsoft.com/en/thank-you-downloading-visual-studio/?sku=Community&channel=Release&version=VS2022&source=VSLandingPage&passive=false&cid=2030)

### Visual Studio :

1. Open the solution file (.sln).

2. Select **Build Solution** from the **Build** menu or press `Ctrl+Shift+B` to compile the project.

3. When the build is complete, select **Start Without Debugging** from the **Debug** menu or press `Ctrl+F5` to run the project.

- URL Exploit Builder Now Available

## Features

- URL Contamination (Subtle Java Drive By)

- Universally Adaptable across Web Browsers

- Universally Compatible with Java Variants

- Seamlessly Propagates via Social Media Channels: Facebook, Gmail, Yahoo, Hotmail, and more.

- URL Contamination is furnished with pre-embedded payloads and an array of shellcode presets, affording you the freedom to select according to your discerning palate.

- Universally Compatible with Web Servers such as Apache, Xampp, Nginx, IIS, and their ilk.

- Synchronizes harmoniously with Metasploit and its complete spectrum of post modules.

## Photo

![image](https://user-images.githubusercontent.com/106811566/171876892-04ae3235-c034-4815-b2f0-483a56c5782a.png)

## Disclaimer

This source code is for educational purposes only.

## License

This project is licensed under the MIT. For more information, see the [License](LICENSE).