Metasploit mailing list archives
ie7 protected mode
From: hdm at metasploit.com (H D Moore)
Date: Wed, 17 Dec 2008 00:15:30 -0600
On Monday 15 December 2008, reydecopas wrote:
Hi, I'm testing the ie_corruption_xml in VISTA ie7 Is it possible to break the protected mode in ie7? because meterpreter works great but with Low privilege according ProcessExplorer ( Integrity Low)
I poked around with this but have not found a good way to do it so far. The process can read/write to the temporary files directory, read from some registry keys, and potentially influence other apps/plugin by manipulating configuration files in the user's home directory. The .java directory seemed like it might be a good target, but only if java itself isn't similarly restricted. Anyone know of an easy route out of the low-privileged IE7 process? -HD
Current thread:
- ie7 protected mode reydecopas (Dec 15)
- ie7 protected mode H D Moore (Dec 16)
- ie7 protected mode ArcSighter Elite (Dec 17)
- ie7 protected mode H D Moore (Dec 16)