Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III

From: "Cowperthwaite, Eric" <eric.cowperthwaite () eds com>
Date: Fri, 7 Nov 2003 18:57:17 -0500 
On a related topic,

Does anyone have a method to programatically (perhaps using registry
entries) change security settings in Internet Explorer for a specific zone.
For example, if I wanted to disable active scripting for the Internet Zone
for 1000 end users by pushing a script, reg entry or something similar to
them.


-----Original Message-----
From: Mike Healan [mailto:mike () spywareinfo com]
Sent: Friday, November 07, 2003 3:14 PM
To: Kurt Seifried
Cc: bugtraq () securityfocus com; NTBugtraq () LISTSERV NTBUGTRAQ COM
Subject: Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0
Part III


Kurt Seifried wrote:

 > If anyone knows a tool for finding out the CLSID of an 
ActiveX object I
 > would love to know it.

Sorry if this isn't what you're asking. I'm not sure I 
understood what 
you meant.

HijackThis will enumerate the CLSID associated with any 
activex control 
found in the Downloaded Program Files folder
http://www.spywareinfo.com/~merijn/files/hijackthis.zip

Example:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop 
Utility) - 
http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall 
Control) - 
http://a840.g.akamai.net/7/840/537/2003031901/housecall.antivi
rus.com/housecall/xscan53.cab
O16 - DPF: {78960E0E-0B0C-11D4-8997-00104BD12D94} (AV Class) - 
http://www.pcpitstop.com/antivirus/PCPAV.CAB
O16 - DPF: {79B96C72-C0D0-4DC8-BC7E-9F314A918228} - 
http://imgfarm.com/images/nocache/myspeedbar/myinitialsetup1.0.0.3.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - 
http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - 
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CA

B?37875.0377662037
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime 
Environment 1.4.1_01) -
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime 
Environment 1.4.1_02) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash 
Object) - 
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F798683C-FE05-436C-B0FF-35B9122E9787} - 
http://www.m-w.com/tools/toolbar/cabs/m-w.cab
O16 - DPF: {F8F88D0D-E455-11D6-B547-00400555C7FB} (DiskHealth2 Class) - 
http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB



-- 
Mike Healan
http://www.spywareinfo.com
Previous By Date Next
Previous By Thread Next

Current thread: