Symantec AntiVirus detects the output file as containing a trojan http://securityresponse.symantec.com/avcenter/venc/data/trojan.progent.html
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, September 15, 2003 4:19 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] IE Object Type Validation Vulnerability Exploit *** PGP Signature Status: unknown *** Signer: Unknown, Key ID = 0x2C0A0B31 *** Signed: 9/15/2003 4:19:42 PM *** Verified: 9/16/2003 12:18:44 PM *** BEGIN PGP VERIFIED MESSAGE *** Download makevbs from the following URL http://rattlesnake.at.box.sk/newsread.php?newsid=7. You can use it to create a VBS script to upload and execute any file you want. -titus ----- Original Message ----- From: n30 To: phlox ; [EMAIL PROTECTED] Sent: Monday, September 15, 2003 6:37 PM Subject: Re: [Full-Disclosure] IE Object Type Validation Vulnerability Exploit Thanks a lot guys for your reply...The things work like a charm.. I am now trying to understand the content of .php so that i can execute nc.exe instead of mal_ware.exe. Also is it possible to execute nc.exe from http://somewhere instaed of from local system? Any help/link/pointers greatly apprciated Thanks -N ----- Original Message ----- From: phlox To: [EMAIL PROTECTED] Sent: Monday, September 15, 2003 1:43 PM Subject: Re: [Full-Disclosure] IE Object Type Validation Vulnerability Exploit page.php > page.hta look at page.hta attachment? -phlox ----- Original Message ----- From: n30 To: [EMAIL PROTECTED] Sent: Monday, September 15, 2003 12:46 PM Subject: [Full-Disclosure] IE Object Type Validation Vulnerability Exploit Guys, Any body knows of any exploit for the Object type vuln Eeye has a POC http://archives.neohapsis.com/archives/vulnwatch/2003- q3/0084.html But I need something more firm for demonstartion. Any links/pointers apprciated Thanks in advance -N *** END PGP VERIFIED MESSAGE *** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
