On Tue, 31 Jul 2007, Nick FitzGerald wrote:
RaeD@xxxxxxxxxxx wrote:
Discovred By : Hasadya Raed
"Discovred" as in "found in a web page with some dodgy script in it"?
This exploit (though not in this precise form) is common as muck in
them thar int-duh-net tubes at the moment...
You can't mean "discovered" as in "first found through unique personal
research/investigation/etc" as this exploit has been publicly disclosed
since April 2006, I think (and privately used previously?):
I believe RaeD meant no offense and did was in fact not aware of the
previous findings. In the past SecuriTeam helped him out with
disclosure and his findings were on the moeny.
I think:
1. This is either yet another exploit.
2. An honest mistake.
But I am not RaeD not affiliated with him. Give people the benefit of the
doubt. Who would steal thi sbluntly only to be found out?
Thanks.
http://www.milw0rm.com/exploits/2052
and again, in a more elaborate "multiple dodgy ActiveX control target"
version shortly thereafter:
http://www.milw0rm.com/exploits/2164
Now You Can To Download Exe Files And To Run Without Msgs :
Oh, and did I mention patched since 11 April 2006:
http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
So probably not that effective if what you want is an assured "fire an
forget" remote IE exploit...
Regards,
Nick FitzGerald