I did. See http://aviv.raffon.net/2006/12/14/IE7DLLloadHijackingCodeExecutionExploi tPoC.aspx for the guy's original blog and some comments.
I've been able to replicate it sometimes, but sometimes it just doesn't work for me. We couldn't figure out why it was inconsistant. Caveats for it: there's quite a bit of user interaction involved; some users don't launch IE from the desktop; the file has to hit the file system where AV can get at it. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Col Sent: Wednesday, December 20, 2006 5:55 AM To: [email protected] Subject: [funsec] IE7 DLL-load hijacking Exploit posted on Milw0rm Re: MS Internet Explorer 7 (DLL-load hijacking) Command Execution Exploit http://www.milw0rm.com/exploits/2929 Has anyone looked into this? I've not got the knowledge/tools/time to do anything with it and don't see any other discussions on it. Would like to know the effects on Vista etc. Cheers, Col. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
