Full Disclosure mailing list archives
Re: IE Object Type Validation Vulnerability Exploit
From: "n30" <n30_lists () hotmail com>
Date: Tue, 16 Sep 2003 16:42:49 -0700
Thanks Guys, very helpful discussion... Are their any other similar trojan's around?? Does any one have binary/source code for progent? What i am trying to accomplis is following Using the "NAFfileJPU" vulnerability discovered last week, I can create a malicious web site that will "javascript.alert(document.cookie) for usres. But this is useless, as the information is not transfered to me. I am trying to write a client side script that will do that for me. Any help/suggesstions/pointers appreciated Thanks -N ----- Original Message ----- From: "Pelosi, Stephen:" <Steve.Pelosi () conocophillips com> To: <full-disclosure () lists netsys com> Sent: Tuesday, September 16, 2003 12:24 PM Subject: RE: [Full-disclosure] IE Object Type Validation Vulnerability Exploit
Symantec AntiVirus detects the output file as containing a trojan
http://securityresponse.symantec.com/avcenter/venc/data/trojan.progent.html
-----Original Message----- From: titus () hush com [mailto:titus () hush com] Sent: Monday, September 15, 2003 4:19 PM To: full-disclosure () lists netsys com; n30_lists () hotmail com Subject: Re: [Full-disclosure] IE Object Type Validation Vulnerability Exploit *** PGP Signature Status: unknown *** Signer: Unknown, Key ID = 0x2C0A0B31 *** Signed: 9/15/2003 4:19:42 PM *** Verified: 9/16/2003 12:18:44 PM *** BEGIN PGP VERIFIED MESSAGE *** Download makevbs from the following URL http://rattlesnake.at.box.sk/newsread.php?newsid=7. You can use it to create a VBS script to upload and execute any file you want. -titus ----- Original Message ----- From: n30 To: phlox ; full-disclosure () lists netsys com Sent: Monday, September 15, 2003 6:37 PM Subject: Re: [Full-disclosure] IE Object Type Validation Vulnerability Exploit Thanks a lot guys for your reply...The things work like a charm.. I am now trying to understand the content of .php so that i can execute nc.exe instead of mal_ware.exe. Also is it possible to execute nc.exe from http://somewhere instaed of from local system? Any help/link/pointers greatly apprciated Thanks -N ----- Original Message ----- From: phlox To: full-disclosure () lists netsys com Sent: Monday, September 15, 2003 1:43 PM Subject: Re: [Full-disclosure] IE Object Type Validation Vulnerability Exploit page.php > page.hta look at page.hta attachment? -phlox ----- Original Message ----- From: n30 To: full-disclosure () lists netsys com Sent: Monday, September 15, 2003 12:46 PM Subject: [Full-disclosure] IE Object Type Validation Vulnerability Exploit Guys, Any body knows of any exploit for the Object type vuln Eeye has a POC http://archives.neohapsis.com/archives/vulnwatch/2003- q3/0084.html But I need something more firm for demonstartion. Any links/pointers apprciated Thanks in advance -N *** END PGP VERIFIED MESSAGE *** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: IE Object Type Validation Vulnerability Exp loit Pelosi, Stephen: (Sep 16)
- Re: IE Object Type Validation Vulnerability Exploit n30 (Sep 16)