Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: UPDATED: the insider exploit( = the latest ie0day which involves SHOWMODALDIALOG)

From: "Ferruh Mavituna" <ferruh () mavituna com>
Date: Tue, 11 Jan 2005 12:36:02 +0200

4) Classic ASP version;
http://ferruh.mavituna.com/article/?553


Ferruh Mavituna
http://ferruh.mavituna.com
PGPKey: http://ferruh.mavituna.com/pgpkey.asc
 


-----Original Message-----
From: full-disclosure-bounces () lists netsys com 
[mailto:full-disclosure-bounces () lists netsys com] On Behalf 
Of Rafel Ivgi, The-Insider
Sent: Tuesday, January 11, 2005 10:37 AM
To: bugtraq () securityfocus com; 
full-disclosure () lists netsys com; NTBUGTRAQ () LISTSERV NTBUGTRAQ COM
Subject: RE: [Full-disclosure] UPDATED: the insider exploit( 
= the latest ie0day which involves SHOWMODALDIALOG)

I forgot to tell everyone that i made an aspx version of 
jelmers exploit.

So lets sum it up, all the exploits to 0-day --> 
"The-Insider-Prototype"(as defined by Liu) are:
1) JSP VERSION BY JELMER -
http://www.k-otik.com/exploits/07072004.IEApplicationShell.php
2) PHP VERSION BY Liu Die Yu- 
http://0daymon.org/monitor/insider/dir.zip
3) ASPX VERSION BY Rafel
ivgi -http://theinsider.deep-ice.com/The-Insider.zip


Greetings: Liu Die Yu, Drew Copley, Malware

Rafel Ivgi, The-Insider
Security Consultant

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: