RE: ActiveX

[<Wil.Allsopp () ins com>]

Andres,

To list all installed Activex controls look under HKEY_CLASSES_ROOT\CLSID or download NirSoft's Activex Helper.

To then load and use that component in an HTML context try something along the lines of the following:

<HTML> 
... 
<H1>Activex</H1><p> 
... 
<OBJECT 
   classid="..." 
          codebase="..." 
 ID="whateverX" 
... 


</OBJECT><br><br> 
... 
</HTML>

If you're trying to do what I THINK you're trying to do - I'd recommend loading the control into a RAD environment such 
as Delphi, VB or whatever that will let you see the properties, methods and events that you will need to know to then 
write the html. 

Hope this helps,

Wil

-----Original Message-----
From: Andres Molinetti [mailto:andymolinetti () hotmail com] 
Sent: 29 August 2005 16:14
To: paavan.shah () gmail com
Cc: pen-test () securityfocus com
Subject: Re: ActiveX

Hi Pavan,

what I am looking for is not MS products installed by ActiveX.
I want to use some ActiveX Control installed by default on the system.

And then show how an HTML page viewed in My Computer Sec zone can use it to 
take some actions on the system.

Any ideas,

cheers

andy


> From: paavan shah <paavan.shah () gmail com>
> To: Andres Molinetti <andymolinetti () hotmail com>
> CC: pen-test () securityfocus com
> Subject: Re: ActiveX
> Date: Fri, 26 Aug 2005 10:31:09 -0800
>
> Hi Andres!!
>
> Well ,i don't have any knowledge about softwares of MS installed
> through activex.Only when you update your computer ,windows updates
> are downloded and installed through ActiveX.
>
> If you want to show your customer the dangers of executing activex
> then goto 2020search.com ,it is a known toolbar,it is termed as adware
> and at the time of installtion of this toolbar as activex it will also
> give u so many popups and through those popups it will prompt u to
> install other third party applications.
>
> This will show him dangers of activex.
>
> I hope this helps.
>
> regards,
> Pavan Shah.
>
> On 8/26/05, Andres Molinetti <andymolinetti () hotmail com> wrote:
> > Hi, I need to explain a customer the dangers of executing ActiveX with 
> no
> > restrictions and I would like to use some Activex shipped with Windows,
> > Office or any other shipped with a MS popular product....
> >
> > I would like to use it and show some "showy" actions being executed in 
> the
> > system...directory listings, shares, ips, command execution??
> >
> > Anyone knows which control may I use?
> >
> > thks,
> >
> > Andy
> >
> > _________________________________________________________________
> > Móviles, DVD, cámaras digitales, coleccionismo... Con unas ofertas que 
> ni te
> > imaginas. http://www.msn.es/Subastas/

_________________________________________________________________
¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en 
MSN Motor. http://motor.msn.es/researchcentre/