Metasploit mailing list archives
IE7 Default Settings
From: natron at invisibledenizen.org (natron)
Date: Wed, 17 Dec 2008 12:55:21 -0600
I put together a spreadsheet of all IE7 default settings. For your reference: http://blog.invisibledenizen.org/2008/12/default-ie7-settings-for-xp-sp3-and.html http://spreadsheets.google.com/ccc?key=pPb4M5mLTAttAB-flW0VIaw Specifically, these are the 'interesting' values that go from 'Prompt' to 'Enabled' for the Intranet zone: * ActiveX controls and plug-ins: Allow Scriptlets * Miscellaneous: Allow scripting of Internet Explorer Web browser control ^ * Scripting: Allow Programmatic clipboard access * Miscellaneous: Navigate sub-frames across different domains * Launching programs and files in webview # * Miscellaneous: Launching applications and unsafe files FYI, even on the intranet zone, you can't auto-download signed or unsigned scripts by default. Just like the Internet zone, you can only access 'safe' ActiveX controls that have already been downloaded by default. (E.g. I don't believe Rex::Text.to_activex would be as useful as it otherwise would be [http://trac.metasploit.com/ticket/267])
Current thread:
- IE7 Default Settings natron (Dec 17)
- IE7 Default Settings natron (Dec 17)