Skip to content

Commit 4f38ab0

Browse files
carrot-c4k3carrot-c4k3
committed
update themebleed repo link
1 parent ae52c78 commit 4f38ab0

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

content/themebleed/index.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,7 @@ I developed a PoC for this issue. The PoC consists of two components, an SMB ser
105105
106106
I chose to use an attacker controlled SMB server for this because a `.theme` file may point to a `.msstyle` path on a remote SMB share. Since the SMB share is attacker controlled, it can easily exploit the TOCTOU bug in `ReviseVersionIfNecessary` by returning a validly signed file when the client first requests it to check the signature, and then a malicious one when the client loads the DLL.
107107
108-
The PoC can be found here: [https://github.com/gabe-k/themebleed](https://github.com/gabe-k/themebleed)
108+
The PoC can be found here: [https://github.com/exploits-forsale/themebleed](https://github.com/exploits-forsale/themebleed)
109109
110110
## Environment Prep
111111

0 commit comments

Comments
 (0)