*******************************
Lorenzo Hernandez garcia-hierro
Webmaster of LORENZOHGH.COM
LHGHPRODS PROGRAMACIN TIENDA ONLINE.
*******************************
NBActiveX Sure ActiveX New Vulnerability
Dear firends,
INTODUCTION
This vulnerability is an important failure because the malicious code writed
in NeoBook 4 can be executed out of permission and silent. NBActiveX.ocx is a
AtiveX control for execute programms created and designed for the web with Neo
Book 4 (the best author multimedia software)the vulnerability is in the form
that NBActiveX.ocx is identificated throw the MSIE ActiveX Control Validator
or system of security control and the MSI validate with sure calification the
activex but no checking the routines.
METHOD
1.If you create a programm and select in compilation mode Distribution Mode>
Web Navigator , NeoBook 4 compiles a file called [nameofproject].prg and a
[nameofproject].htm the NBActiveX.ocx is publicated with that files in the
server and the HTM file is the "wrap" of the .prg file and the server activex
NBActiveX.ocx .
2.type the URL for the HTM File and wait,my example was based on a programm
that writes a file called Win32DLL.vbs in %ROOT% normally c:\ and in another
pixel run another programm created with neobook too , this programm run
finally the script .vbs and the script run MsgBox("Hello World") but the file
can be all types of files like patch.exe (Netbus slave) or any.
THE PROBLEM
Neo Book 4 allow to insert any tipes of files in your project for wrap (like
eliteWrap) it an execute or save,rename,put attrb and all the commands
possible in win32.
The only possible solution is setting off the activeX execution (please dont
laught.).
FILES ENCOUNTERED THE PROBLEM:
NBActiveX.ocx -The famous dangerous ActiveX-
[nameofproject].prg -The programm wrap-
[nameofproject].HTM -the NBActiveX and wrapper executor-
ABOUT ME:
My name is Lorenzo Hernandze GARCIA-HIERRO and i'm 13 old , i live in madrid
in spain and i use linux in two of my 3 computers (i break some windows,
don't laught!!!)my telephone number (mobile) +34676001011.
-----------------------------------------------------
Me http://lorenzohgh.com
or me project of linux http://lorenzohgh.com/linux
My nick geniemgh : http://ciberia.ya.com/geniemgh
-----------------------------------------------------
PLEASE RESPOND ME WITH THE answer.
PLEASE TAKE CARE WITH THIS IMPORTANT AND DANGEROUS VULNERABILITY BECAUSE I
CREATE A VIRUS IN VBS SCRIPT AN A TROJAN WRAPPER (ELITE WRAP) AND THE EFFECTS
ARE CATASTROFIC AND VERY QUICKLY (IN A P2 LIKE 10 SECONDS FOR TOTAL INFECTION
AND FILE REPLACE WITH A 56 MODEM)
PLEASE CHECK THIS BECUSE IF YOU THINK THE POSSIBILITIES ARE INFINITE AND IF
YOU RUN IT ON A IIS.... ALL THE DATA ARE FOR ANY WITH TROJAN ACCESS.