SEE ENGLISH VERSION BELOW
Auf der Zielgeraden zur IPC Spring möchten wir Euch schon jetzt
einladen, Eure Themen, Ideen, Vorschläge für die International PHP
Conference im Oktober einzureichen. Die International PHP Conference
findet vom 9. bis 12. Oktober 2011 in der Rheingoldhalle in Mainz statt
We published a remote/local proof of concept for the COM Server-Based Binary
Planting
exploit presented at the Hack in the Box conference in Amsterdam.
Feel free to try it out online if WebDAV works through your firewall, or
download it
and test it in your local network or simply on your
Does this run code without prompting, on a reasonably default configuration?
On Thu, Jun 2, 2011 at 7:52 AM, ACROS Security Lists li...@acros.si wrote:
We published a remote/local proof of concept for the COM Server-Based Binary
Planting
exploit presented at the Hack in the Box conference in
But it *is* worth mentioning that you have to create the malicious dll file,
copy it to the system, create folders etc, and all the other mumbo jumbo to
exploit this in the default configuration. So, the answer to Dan's
question is actually, no, you can't. Which brings into question the
Thor, the Online Proof of Concept section of the blog post points you to a
*remote*
exploit (without any warning) but let me repeat the link here:
http://www.binaryplanting.com/demo/XP_2-click/test.html
Visit this with IE8 on 32-bit Windows XP.
Please find further information here:
It would hardly be worth mentioning otherwise.
Cheers,
Mitja
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf
Of Dan Kaminsky
Sent: Thursday, June 02, 2011 5:36 PM
To: secur...@acrossecurity.com
Cc: