[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new internet explorer exploit (was new worm)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: new internet explorer exploit (was new worm)
From: roozbeh afrasiabi <roozbeh_afrasiabi@xxxxxxxxx>
Date: 31 Mar 2004 15:50:15 -0000




I have made little changes to the exploit jelmer coded,and now  it 
can run any program with parameters on victim's system (executable's path or 
MUICACHE name must be known)it can download other files to victim's system ,it 
is also possible to run files using their bond programs( if 1001001.xls is 
placed on victim's system it will be opened using excel automaticlly god this 
****).

The exploit places a chm file (x.chm) on victim's c:\\ directory,everything 
else is done using this chm file, it has access to most programs on victim's 
system so it can do much more than a virus could do.

cmd+dir:
http://www.freewebs.com/roozbeh_afrasiabi/exc.htm

Follow-Ups:
- Re: new internet explorer exploit (was new worm)
  - From: mgotts

Prev by Date: [RHSA-2004:137-01] Updated Ethereal packages fix security issues
Next by Date: Re: IE ms-its: and mk:@MSITStore: vulnerability
Previous by thread: [RHSA-2004:137-01] Updated Ethereal packages fix security issues
Next by thread: Re: new internet explorer exploit (was new worm)
Index(es):
- Date
- Thread