Message-ID: <200409091721.i89HL5BI010884@web115.megawebservers.com>
From: 1 at malware.com (http-equiv@...ite.com)
Subject: Virus loading through ActiveX-Exploit [Fwd: George Bush sniper-rifle shot!]

<!--

> "Alla Bezroutchko" wrote:
> Also interesting that they don't use
> "a {behavior:url(#default#AnchorClick);}"
> in this exploit which seems to be an essential part of http-equiv's and
> mikx's exploits.

The key to all these exploits is drag'n'drop access to a local
directory. Since WinXP SP2 it's not possible to use "shell:startup" as
src for an iframe

-->

You also can't or couldn't effect 'drag and drop' from or on the
internet zone into the iframe. That is why the original is by design
on the 'intranet zone' where you can:

<iframe src="http://malware%2F.http-equiv.dyndns.org/~http-equiv/littleshit.html">

using 'bitlance winter's' magic dns.

-- 
http://www.malware.com