Re: [Full-Disclosure] "windows update activex"

From: Liu Die Yu (liudieyuinchina_at_yahoo.com.cn)
Date: 07/21/03

    To: Liu Die Yu <liudieyuinchina@yahoo.com.cn>, guninski@guninski.com
    Date: Mon, 21 Jul 2003 23:30:13 +0800 (CST)
    
    

    signed vulnerable small "addon" is pretty fine!

    [*]downgrade windows by installing buggy patches:
    as a routine, a patch will always verify if the system
    needs this patch. msie dev is good at following
    routines. so i guess(i have not tried): this won't
    work.

    [*]i need to add new buggy features to windows.
    the component doesn't need to be EXE.
    (but EXE can simplify the exploit.("codeBase"))

    WANTED addons:
    [0]signed by microsoft.
    [1]vulnerable to remote system compromise; as small as
    possible.
    [2]installation doesn't require "RebootMachine".
    [3]not installed by default.

    if you happen to have such extremely useful things,
    send me a copy. :-)

    (it seems yahoo!mail is making mistakes. try to call
    full-disclosure again. :-) )

     --- Liu Die Yu <liudieyuinchina@yahoo.com.cn> wrote:
    > if someone got something like that, i can get the
    > digest of that EXE. and your EXE can pass WinTrust
    > check.
    >
    > THEN:
    > cross-site scripting
    > = update windows box with buggy software
    > automatically
    > = remote system compromise
    >
    > and all we use is normal "windows update" features.
    > :-)
    >
    > great prosperity.
    >
    > die
    >
    > --- Georgi Guninski <guninski@guninski.com> wrote:
    > > Liu Die Yu wrote:
    > > > BUT it's hard for the attacker to execute his EXE.
    > > > i've traced into the module("IUENGINE.TEXT").
    > > >
    > >
    > > Has someone tried downgrading windoze by installing
    > > old signed stuff (probably a
    > > very old m$ patch as exe will do, or just some old
    > > signed installer from m$)?
    > > After downgrading, old bugs start working.
    > >
    > > georgi
    > >
    > >
    > >
    > > _______________________________________________
    > > Full-Disclosure - We believe in it.
    > > Charter: http://lists.netsys.com/full-disclosure-charter.html

