Over the past months (years?), several people have found a lot of methods and/or vulnerabilities in Internet Explorer which could be exploited for silent delivery and arbitrary program execution. These people are well known: Jelmer, Malware, SandBlad, Guninski, GreyMagic, Thor Larholm, Liu Die Yu, ...

When I saw all of this stuff, I decided to centralize and try a maximum of these methods and proofs of concept with these main goals:

* Show basic concepts like HTA, CHM or showHelp()
* Make these public proofs of concept simpler
* Categorize these methods and proofs of concept
* Provide simple tools (perl scripts) to facilitate implementation of exploits
* Start to explain and list methods for silent delivery (HTML tag, ActiveX, ...) and program execution (CHM and Shortcut, OBJECT and codebase)

So that is the goal of the Internet Explorer Hacking Kit (IEHK) project. You can download it here: http://valgasu.rstack.org

I launched this basic project to centralize knowledge about IE security problems and give it to the security community. So I hope that a lot of people will want to participate in this project with tips and tricks, other advanced proofs of concept, tools, behavior on different IE/Windows versions, feedback from experience with firewalls and anti-virus (detection of vbs run and the createtextfile method, for example)... Any good idea is welcome!

--
Valgasu
--
valgasu@rstack.org