Penetration Testing mailing list archives
Re: [PEN-TEST] Microsoft Office 2000 UA Control Scripting
From: Nelson Brito <nelson () SECUNET COM BR>
Date: Wed, 21 Mar 2001 15:15:49 -0300
"Loschiavo, Dave" wrote:
I'm looking for the code that will demonstrate the vulnerability in Microsoft Office 2000 UA Control Scripting advisory. The text file at http://www.atstake.com/research/advisories/2000/msoua.txt still has a dead link (http://www.l0pht.com/advisories/ouahack/index.html). I've tried appending to the URL at the new website to find where the demo may have been moved to, but have been unable to find it. If someone could send a link, or a copy of the demo code, I would be most appreciative.
I have this demostration sit on my HD, for my Pen-Tests. So, I'm send to you a ZIP with the original L0pht's proof-of-concept. Enjoy yourself. PS: I could send the ZIP only to you, but it's egoism. Sem mais, -- # Nelson Brito - IBQN / Security Networks AG - The trust Company! # "Windows NT can also be protected from nmap OS detection scans # thanks to *Nelson Brito* ..." # Passage from "Hack Proofing your Network", page 93 open(S,shift) || die "Use: $0 <file>\n"; foreach(<S>){ chop; split(//,$_); print reverse @_; print "\n"; } close(S);
Attachment:
MUA.zip
Description:
Current thread:
- [PEN-TEST] Microsoft Office 2000 UA Control Scripting Loschiavo, Dave (Mar 21)
- Re: [PEN-TEST] Microsoft Office 2000 UA Control Scripting Nelson Brito (Mar 21)
- <Possible follow-ups>
- Re: [PEN-TEST] Microsoft Office 2000 UA Control Scripting Weld Pond (Mar 26)