Skip to main content

Huge bug in IE7...here's the exploit!




A huge bug has been found in IE7 and IE8

If your browser is bugged, and if you are running XP and IE7/IE8,
this site will harmlessly launch SOLITAIRE on your PC,
but keep in mind that with this bug around anyone
can execute ANYTHING on your pc
remotely.

Click here to run the exploit

WATCH OUT!
Labels:

Comments

  1. slackerbriJune 10, 2010 at 9:32 PM

    Thank you Z, much appreciated

    ReplyDelete
  2. LazzaJune 10, 2010 at 11:44 PM

    I was asked by the browser if I wanted to let the site launch a program. It didn't start automatically.

    ReplyDelete
  3. ZibriJune 11, 2010 at 4:56 AM

    @Lazza

    with ie7 or ie8?

    I think the bug was addressed in the latest windows updates.

    ReplyDelete
  4. George TimmermansJune 16, 2010 at 11:17 PM

    From today, eset nod32 reports it as a trojan and blocks the site from opening untill you disable web acces protection.

    ReplyDelete
  5. ZibriJune 17, 2010 at 5:03 AM

    Yep. I will remove the exploit and link it elsewhere for people to try it.. Let me know if it works :)

    ReplyDelete
  6. George TimmermansJune 17, 2010 at 10:39 PM

    Eset still reports a html exploit but allows the page to load instead of blocking it completely

    ReplyDelete
  7. ZibriJune 18, 2010 at 6:05 AM

    @Joris Timmermans

    what's the script the program is reporting?

    ReplyDelete
  8. George TimmermansJune 21, 2010 at 2:03 AM

    http://lh3.ggpht.com/_qb_EBr4YlZU/TBw1edM5B0I/AAAAAAAABaE/dORAghkuAf0/s640/zibri.JPG

    sorry for the late reply, I hope this is any use to you. Good luck with your projects.

    ReplyDelete
  9. ZibriJune 21, 2010 at 5:00 AM

    @ Joris that's your cache... and the ie7_exploit on webalice is an harmless proof of concept..

    ReplyDelete

Post a Comment

Popular posts from this blog

Powerline Ethernet fun and secrets.

Many 200 Mb/s powerline adapters nowadays are based on the INTELLON 6300 chipset.
Despite what can be thought looking at them, they are all using the same hardware and firmwares.
I heard many people with Netgear XAV101 or Linksys PLK 200 or PLE 200 having problems after firmware updates and many other people with other brands having much more problems because of lack of support or configuration/upgrade utilities.

So let me explain a few things I learnt studying them.

Many of 200 Mb/s powerline ethernet adapters follow the "HomePlug AV" standard. (85 Mb adapters use HomePlug 1.0 standard which is completely different).
This standard uses ethernet broadcast packets using the HomePlug AV protocol.

The interesting thing is that their firmware is made of two different parts:
a .PIB file (Parameter Information Block) and a .NVM file (the code itself).
In the P.I.B. there are many interesting things:
The branding (mac address, device name, etc) and the tone map.

I tested many firmw…
219 comments
Read more

TP-LINK Configuration file encrypt and decrypt.

Here we go! TP-Link is another company that thinks that security by obscurity could ever work.
If you "backup" the configuration from most TP-Link routers, you will get a .BIN file which is "encrypted".
Use this utility below, to decrypt it (so you can edit it) and encrypt it again.
Have fun.
Drop files here or
24 comments
Read more

Obfuscation will never work.

ml>
Hello again, sweet readers !
OpenRG is an embedded OS for routers. It's based on Linux and it's inside many ISP routers out there.
Inside OpenRG configuration file, passwords appear in a way that can seem to be crypted, but it's just obfuscated.
For example: (username(admin)) (password(&b7;X&5c;&b9;&a2;))
Above you can see a simple deobfuscator. Enjoy!
You can try it with: &ad;Y&5b;&b3;&a3;&17;T&8b;&c4;&b9;#&96;&04;c&ea;&1d;$%&5d;&16;&08;B3&c0;
:)
Zibri.
26 comments
Read more