[34332] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: new internet explorer exploit (was new worm)

daemon@ATHENA.MIT.EDU (roozbeh afrasiabi)
Wed Mar 31 13:14:29 2004

Date: 31 Mar 2004 15:50:15 -0000
Message-ID: <20040331155015.4389.qmail@search.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: roozbeh afrasiabi <roozbeh_afrasiabi@yahoo.com>
To: bugtraq@securityfocus.com

I have made little changes to the exploit jelmer coded,and now  it 
can run any program with parameters on victim's system (executable's path or MUICACHE name must be known)it can download other files to victim's system ,it is also possible to run files using their bond programs( if 1001001.xls is placed on victim's system it will be opened using excel automaticlly god this ****).

The exploit places a chm file (x.chm) on victim's c:\\ directory,everything else is done using this chm file, it has access to most programs on victim's system so it can do much more than a virus could do.

cmd+dir:
http://www.freewebs.com/roozbeh_afrasiabi/exc.htm


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[34332] in bugtraq

Re: new internet explorer exploit (was new worm)

daemon@ATHENA.MIT.EDU (roozbeh afrasiabi)Wed Mar 31 13:14:29 2004

daemon@ATHENA.MIT.EDU (roozbeh afrasiabi)
Wed Mar 31 13:14:29 2004