WMF: Easy to use WMF construction kit

We just received a sample of easy-to-use WMF construction kit. The WMF file it generates is based on "first generation" metasploit exploit which itself was based on the very first WMF exploit found in the wild last week. The program itself is not that interesting, it is a console-mode Windows application that just generates a file named "evil.wmf" with whatever payload given from command line.

The application is user-friendly but the user still needs to know how to write assembly payloads (or where to download one). That, in addition to fact that at least some WMF files it generates are buggy, makes this construction kit a minor threat. F-Secure : News from the Lab - January of 2006

Linked by shanmuga Tuesday, 3rd January 2006 11:17PM