Re: new internet explorer exploit (was new worm)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: new internet explorer exploit (was new worm)
From: roozbeh afrasiabi <roozbeh_afrasiabi@xxxxxxxxx>
Date: 31 Mar 2004 15:50:15 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm




I have made little changes to the exploit jelmer coded,and now  it 
can run any program with parameters on victim's system (executable's path or 
MUICACHE name must be known)it can download other files to victim's system ,it 
is also possible to run files using their bond programs( if 1001001.xls is 
placed on victim's system it will be opened using excel automaticlly god this 
****).

The exploit places a chm file (x.chm) on victim's c:\\ directory,everything 
else is done using this chm file, it has access to most programs on victim's 
system so it can do much more than a virus could do.

cmd+dir:
http://www.freewebs.com/roozbeh_afrasiabi/exc.htm

Follow-Ups:
- Re: new internet explorer exploit (was new worm)
  - From: mgotts

Prev by Date: Re: security enforcement - new monitor for winnt
Next by Date: Re: IE ms-its: and mk:@MSITStore: vulnerability
Previous by thread: MDKSA-2004:025 - Updated squid packages fix vulnerability
Next by thread: Re: new internet explorer exploit (was new worm)
Index(es):
- Date
- Thread