Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

eLoL.txt

๐Ÿ—“๏ธย 08 Dec 1999ย 00:00:00Reported byย SixkillerTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 19ย Views

eLoL program can execute remote commands via browser without verifying data source.

Show more
Code
`When the program is running it's acting like a server for information  
shown on your browser.  
When information is recived the program isn't checking if the data is  
from local computer or remote computer so you can execute commands on  
remote computer that runs eLoL.  
  
It is possible to do it with your browser, just connect to:  
123.321.123.5:2388/BackTo  
123.321.123.5 is the remote ip, 2338 is eLoL port (It's not static so  
you have to find it yourself) and /BackTo is the command.  
In this case the browser on the remote computer will shut down itself.  
The commands sent are limited to the program and as far as i know you  
can't control someones computer with that.  
The commands are:  
/BackTo  
/Skip  
/IKnowIt  
/Vote5  
/Vote4  
/Vote3  
/Vote2  
/Vote1  
/SendToFriend  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
08 Dec 1999 00:00Current
7.4High risk
Vulners AI Score7.4
remote command executionelol vulnerabilitiesbrowser exploitationlocal verification bypasscommand list
19
.json
Report