Full Disclosure mailing list archives
Re: "windows update activex"
From: Liu Die Yu <liudieyuinchina () yahoo com cn>
Date: Mon, 21 Jul 2003 23:30:13 +0800 (CST)
signed vulnerable small "addon" is pretty fine!
[*]downgrade windows by installing buggy patches:
as a routine, a patch will always verify if the system
needs this patch. msie dev is good at following
routines. so i guess(i have not tried): this won't
work.
[*]i need to add new buggy features to windows.
the component doesn't need to be EXE.
(but EXE can simplify the exploit.("codeBase"))
WANTED addons:
[0]signed by microsoft.
[1]vulnerable to remote system compromise; as small as
possible.
[2]installation doesn't require "RebootMachine".
[3]not installed by default.
if you happen to have such extremely useful things,
send me a copy. :-)
(it seems yahoo!mail is making mistakes. try to call
full-disclosure again. :-) )
--- Liu Die Yu <liudieyuinchina () yahoo com cn>
的正文:> if someone got something like that, i can
get the
digest of that EXE. and your EXE can pass WinTrust check. THEN: cross-site scripting = update windows box with buggy software automatically = remote system compromise and all we use is normal "windows update" features. :-) great prosperity. die --- Georgi Guninski <guninski () guninski com> 的正文:> Liu Die Yu wrote:BUT it's hard for the attacker to execute hisEXE.i've traced into the module("IUENGINE.TEXT").Has someone tried downgrading windoze byinstallingold signed stuff (probably a very old m$ patch as exe will do, or just some old signed installer from m$)? After downgrading, old bugs start working. georgi _______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.netsys.com/full-disclosure-charter.html
_________________________________________________________
Do You Yahoo!? 国内电邮用户反垃圾调查拉开帷幕
http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.tech.yahoo.com/zhuanti/laji/index.html
_______________________________________________ Full-Disclosure - We believe in it. Charter:
http://lists.netsys.com/full-disclosure-charter.html _________________________________________________________ Do You Yahoo!? 国内电邮用户反垃圾调查拉开帷幕 http://cn.rd.yahoo.com/mail_cn/tag/?http://cn.tech.yahoo.com/zhuanti/laji/index.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- "windows update activex" Liu Die Yu (Jul 20)
- Re: "windows update activex" Georgi Guninski (Jul 21)
- Re: "windows update activex" Liu Die Yu (Jul 21)
- Re: "windows update activex" Liu Die Yu (Jul 21)
- Re: "windows update activex" Liu Die Yu (Jul 21)
- Re: "windows update activex" Liu Die Yu (Jul 21)
- Re: "windows update activex" Georgi Guninski (Jul 21)