Full Disclosure mailing list archives

Windows (XP SP2): Remotely Code Execution with Parameters (Updated)


From: ShredderSub7 <shreddersub7 () yahoo com>
Date: Thu, 30 Dec 2004 06:11:12 -0800 (PST)

Hi all,
A few days ago, I released a PoC for an exploit that can allow code execution from a webpage.
Some people asked me if it is possible to execute a random file that comes from the Internet.
Now I have updated this PoC, and it is possible to execute a malware file from the Internet.
http://freehost19.websamba.com/shreddersub7/cmdexe.htm (PoC, installs and opens 2 files called "cmdexe.exe" and "cmdexe.hta" in your root C-drive).
This new PoC works very similarly to the old one (which you can still find at http://freehost19.websamba.com/shreddersub7/htm.htm).
The new PoC actually uses the old PoC multiple times; it is built in 3 phases:
The first phase will be used to write the HTML application "cmdexe.hta" to your C-drive. If you want to know how this is done, I refer you to the website of Michael Evanchik (http://www.michaelevanchik.com), because he was the first person who found this writing method (btw, thanks!).
The second phase is very similar to the first one: it opens the file "cmdexe.hta" and it will write the malware file "cmdexe.exe" to your C-drive as well.
The third phase is then based on my older exploit (http://freehost19.websamba.com/shreddersub7/htm.htm, Remote Code Execution); it will open the file "C:\cmdexe.exe". For more info about that third phase, I refer you to my own explanation found at http://freehost19.websamba.com/shreddersub7/expl-discuss.htm.
 
So, for the PoC about Remote Malware Code Execution with Parameters:
http://freehost19.websamba.com/shreddersub7/cmdexe.htm
 
Contact:
shreddersub7_at_yahoo.com (replace "_at_" with "@" of course)
 
Regards,
shreddersub7
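
For defenders, the three-phase sequence described in the message above can be matched in endpoint telemetry. The following Python code is an added example, not part of the original post: it correlates an .hta file being written, mshta.exe (the Windows HTA host) opening it, an .exe written by that process, and that .exe starting. The event layout, process IDs, the iexplore.exe writer, and the reading that the process running the HTA writes the .exe are assumptions; only the file names come from the post.

```python
import ntpath

# Constructed sample telemetry: (time, kind, pid, image, target).
# file_create: process `image` wrote `target`.
# process_start: `image` was launched with `target` as its argument.
# Layout, PIDs and the iexplore.exe writer are assumptions for illustration.
EVENTS = [
    (1, "file_create", 100, "iexplore.exe", r"C:\cmdexe.hta"),
    (2, "file_create", 150, "setup.exe", r"C:\Program Files\App\app.exe"),
    (3, "process_start", 200, "mshta.exe", r"C:\cmdexe.hta"),
    (4, "file_create", 200, "mshta.exe", r"C:\cmdexe.exe"),
    (5, "file_create", 100, "iexplore.exe", r"C:\Temp\help.hta"),
    (6, "process_start", 300, r"C:\cmdexe.exe", ""),
    (7, "process_start", 310, r"C:\Program Files\App\app.exe", ""),
]


def find_dropper_chains(events):
    """Return one alert per completed chain:
    .hta written -> mshta.exe runs it -> that process writes .exe -> .exe runs."""
    hta_written = {}  # hta path -> image that wrote it
    hta_pids = {}     # pid of mshta.exe -> dropped hta it is running
    exe_dropped = {}  # exe path -> hta whose host process wrote it
    chains = []
    for t, kind, pid, image, target in sorted(events, key=lambda e: e[0]):
        img = ntpath.basename(image).lower()
        tgt = target.lower()
        ext = ntpath.splitext(tgt)[1]
        if kind == "file_create" and ext == ".hta":
            hta_written[tgt] = img                      # phase 1
        elif kind == "process_start" and img == "mshta.exe" and tgt in hta_written:
            hta_pids[pid] = tgt                         # phase 2: HTA opened
        elif kind == "file_create" and ext == ".exe" and pid in hta_pids:
            exe_dropped[tgt] = hta_pids[pid]            # phase 2: EXE written
        elif kind == "process_start" and image.lower() in exe_dropped:
            hta = exe_dropped[image.lower()]            # phase 3: EXE opened
            chains.append({"time": t, "exe": image.lower(), "hta": hta,
                           "hta_writer": hta_written[hta]})
    return chains


if __name__ == "__main__":
    for alert in find_dropper_chains(EVENTS):
        print(alert)
```

The installer-written app.exe and the unopened help.hta in the sample do not raise alerts, because neither completes all three phases.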
