PassiveX DLL restrictions

[benheinkel at securitynerds.org (Ben Heinkel)]

> On Sun, Mar 12, 2006 at 10:52:19PM -0800, Ben Heinkel wrote:
> > Hello,
> >
> > Recently stumbled over win32_passivex to help with several issues I
> > faced
> > exploiting systems in proxy environments.
> >
> > Trying to demonstrate this, I used the winamp_playlist_unc exploit,
> > combined with the win32_passivex payload. However, my IE gives me a
> > warning of "passivex.dll - Windows has blocked this software because it
> > can't verify the publisher". With IE security settings on Low it would
> > allow you to install this DLL, but only after prompting.
> >
> > Has anybody worked with this payload extensively, any idea on getting
> > around this ?
>
> Which version of Itnernet Explorer are you using (and on what platform)?
> The PassiveX payload is designed to enable the download and execution
> of untrusted ActiveX controls such that this specific scenario doesn't
> happen, so the fact that you're getting this error means that it isn't
> working quite right :)  We aware of issues with it on versions of
> Internet Explorer prior to 6.0, but have not heard of issues outside of
> this specific case.

Thanks for the response. Using IE 6.0.2 on XP SP2, going to try connecting
from a few other systems this afternoon. Have used default settings for
passivex payload, except for hostname which was required.

Any ideas what could be going wrong ?