Vulnerability Analysis

MyMSIAnalyzer – A Comprehensive Tool For Detecting MSI File Vulnerabilities And Privilege Escalation

MyMSIAnalyzer is a tool that allows you to detect vulnerabilities inside MSI files. It is able to:

Check for credential leaks
Detect vulnerable Custom Actions
Check MSI files signature (useful for MST Backdoor)
Check if Custom Actions can be overwritten

In addition, there is a GuiFinder project in the repository. It can be used to detect MSI files that have a graphical interface and run on behalf of the NT AUTHORITY\SYSTEM, allowing you to elevate your privileges via explorer.exe escape

The tool is easy to use:

.\MyMSIAnalyzer.exe [-path <PATH TO MSI Files. Default value: C:\Windows\Installer>]

.\GuiFinder.exe [--folder <PATH>]

Related

MSI Dump : A Tool That Analyzes Malicious MSI Installation

April 26, 2023

In "Kali Linux"

MSI Analyzer – Analyzing Windows Installer Files For Vulnerabilities

September 18, 2024

In "Vulnerability Analysis"

BeRoot – Tool To Check Common Windows Mis-configurations

June 24, 2018

In "Kali Linux"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Next Hill Saturday Malware Analysis : Open Dir -> Obfuscated Python -> DONUT Launcher -> XWorm »

Previous « Artemis - A Modular Vulnerability Scanner For Enhanced Website Security

Leave a Comment

Share

Published by

Varshini

Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtoolsMyMSIAnalyzer

2 years ago

Recent Posts

Tutorials

Best OSINT Tools for Journalists 2026: Verify Sources, Images and Claims

Journalists use OSINT to verify public information before publishing. In 2026, misinformation, AI-generated images, fake…

3 hours ago

How To

Install Docker on Ubuntu 20.04: Complete Step-by-Step Guide

Docker is an open-source platform that lets you package and run applications inside containers. Each container…

14 hours ago

How To

Install PostgreSQL on Ubuntu: Database Setup and Admin Guide

PostgreSQL (often called Postgres) is an open-source relational database system. It supports advanced features like JSON…

15 hours ago

How To

Install Xrdp Remote Desktop on Ubuntu: Setup and Connect

Xrdp is an open-source server that lets you connect to your Ubuntu machine from another computer…

15 hours ago

How To

Tomcat 9 on Ubuntu 20.04: Install, Configure, and Start

Apache Tomcat is an open-source web server and Java servlet container. It is one of the…

15 hours ago

How To

Automatic Updates on Ubuntu: Set Up unattended-upgrades

Keeping your Ubuntu system updated is one of the best ways to protect it. Security…

16 hours ago

L