Full Disclosure mailing list archives
Re: IE Object Type Validation Vulnerability Exploit
From: <titus () hush com>
Date: Mon, 15 Sep 2003 16:19:19 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Download makevbs from the following URL http://rattlesnake.at.box.sk/newsread.php?newsid=7. You can use it to create a VBS script to upload and execute any file you want. - -titus - ----- Original Message ----- From: n30 To: phlox ; full-disclosure () lists netsys com Sent: Monday, September 15, 2003 6:37 PM Subject: Re: [Full-disclosure] IE Object Type Validation Vulnerability Exploit Thanks a lot guys for your reply...The things work like a charm.. I am now trying to understand the content of .php so that i can execute nc.exe instead of mal_ware.exe. Also is it possible to execute nc.exe from http://somewhere instaed of from local system? Any help/link/pointers greatly apprciated Thanks - -N - ----- Original Message ----- From: phlox To: full-disclosure () lists netsys com Sent: Monday, September 15, 2003 1:43 PM Subject: Re: [Full-disclosure] IE Object Type Validation Vulnerability Exploit page.php > page.hta look at page.hta attachment? - -phlox - ----- Original Message ----- From: n30 To: full-disclosure () lists netsys com Sent: Monday, September 15, 2003 12:46 PM Subject: [Full-disclosure] IE Object Type Validation Vulnerability Exploit Guys, Any body knows of any exploit for the Object type vuln Eeye has a POC http://archives.neohapsis.com/archives/vulnwatch/2003- q3/0084.html But I need something more firm for demonstartion. Any links/pointers apprciated Thanks in advance - -N -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAj9mSQ4ACgkQlM5X+CwKCzEiCgCgtOZko/6P7bwfcxgSZxIoB07m6NUA n2MZO5adNOj2RYbii2084yWYlEKE =Hy/5 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: IE Object Type Validation Vulnerability Exploit titus (Sep 15)
- <Possible follow-ups>
- Re: IE Object Type Validation Vulnerability Exploit olafandjasper (Sep 16)