lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: shreddersub7 at (ShredderSub7)
Subject: Windows (XP SP2): Remotely Code Execution with
	Parameters (Updated)

Hi all,
a few days ago, I released a PoC from an exploit that can allow code execution from a webpage.
Some people asked me if it is possible to execute a random file, that comes from the Internet.
Now, I updated this PoC and it is possible to execute a malware file from the Internet. (PoC, installs and opens 2 files called "cmdexe.exe" and "cmdexe.hta" into your root C-drive).
This new PoC works very similar to the old one (which you can still find at
The new PoC actually uses the old PoC multiple times, it is build in 3 fases:
The first fase will be used to write the HTML application "cmdexe.hta" to your C-drive. If you want to know how this is done, I refer to the website of Michael Evanchik (, because he was the first person who founded this writing method (btw, thanks!).
The second fase is very similar to the first one: it opens the file "cmdexe.hta" and it will write the malware file "cmdexe.exe" also to your C-drive.
The third fase then is based on my older exploit (, Remote Code Execution), it will open the file "C:\cmdexe.exe". For more info about that third fase, I refer to my own explanation found at
So, for the PoC about Remote Malware Code Execution with Parameters:
Contact: (replace "_at_" with "@" off course)

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
-------------- next part --------------
An HTML attachment was scrubbed...

Powered by blists - more mailing lists