RE: ActiveX

Wil.Allsopp_at_ins.com
Date: 08/29/05

  • Next message: Tony King: "RE: Where are Windows "Enforce password history" passwords stored?"
    Date: Mon, 29 Aug 2005 18:13:45 +0100
    To: <andymolinetti@hotmail.com>, <paavan.shah@gmail.com>
    
    

    Andres,

    To list all installed Activex controls look under HKEY_CLASSES_ROOT\CLSID or download NirSoft's Activex Helper.

    To then load and use that component in an HTML context try something along the lines of the following:

    <HTML>
    ...
    <H1>Activex</H1><p>
    ...
    <OBJECT
       classid="..."
              codebase="..."
     ID="whateverX"
    ...

    </OBJECT><br><br>
    ...
    </HTML>

    If you're trying to do what I THINK you're trying to do - I'd recommend loading the control into a RAD environment such as Delphi, VB or whatever that will let you see the properties, methods and events that you will need to know to then write the html.

    Hope this helps,

    Wil

    -----Original Message-----
    From: Andres Molinetti [mailto:andymolinetti@hotmail.com]
    Sent: 29 August 2005 16:14
    To: paavan.shah@gmail.com
    Cc: pen-test@securityfocus.com
    Subject: Re: ActiveX

    Hi Pavan,

    what I am looking for is not MS products installed by ActiveX.
    I want to use some ActiveX Control installed by default on the system.

    And then show how an HTML page viewed in My Computer Sec zone can use it to
    take some actions on the system.

    Any ideas,

    cheers

    andy

    >From: paavan shah <paavan.shah@gmail.com>
    >To: Andres Molinetti <andymolinetti@hotmail.com>
    >CC: pen-test@securityfocus.com
    >Subject: Re: ActiveX
    >Date: Fri, 26 Aug 2005 10:31:09 -0800
    >
    >Hi Andres!!
    >
    >Well ,i don't have any knowledge about softwares of MS installed
    >through activex.Only when you update your computer ,windows updates
    >are downloded and installed through ActiveX.
    >
    >If you want to show your customer the dangers of executing activex
    >then goto 2020search.com ,it is a known toolbar,it is termed as adware
    >and at the time of installtion of this toolbar as activex it will also
    >give u so many popups and through those popups it will prompt u to
    >install other third party applications.
    >
    >This will show him dangers of activex.
    >
    >I hope this helps.
    >
    >regards,
    >Pavan Shah.
    >
    >On 8/26/05, Andres Molinetti <andymolinetti@hotmail.com> wrote:
    > > Hi, I need to explain a customer the dangers of executing ActiveX with
    >no
    > > restrictions and I would like to use some Activex shipped with Windows,
    > > Office or any other shipped with a MS popular product....
    > >
    > > I would like to use it and show some "showy" actions being executed in
    >the
    > > system...directory listings, shares, ips, command execution??
    > >
    > > Anyone knows which control may I use?
    > >
    > > thks,
    > >
    > > Andy
    > >
    > > _________________________________________________________________
    > > Móviles, DVD, cámaras digitales, coleccionismo... Con unas ofertas que
    >ni te
    > > imaginas. http://www.msn.es/Subastas/
    > >
    > >

    _________________________________________________________________
    ¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en
    MSN Motor. http://motor.msn.es/researchcentre/


  • Next message: Tony King: "RE: Where are Windows "Enforce password history" passwords stored?"

    Relevant Pages

    • Re: ActiveX
      ... I want to use some ActiveX Control installed by default on the system. ... >and at the time of installtion of this toolbar as activex it will also ... >give u so many popups and through those popups it will prompt u to ... >This will show him dangers of activex. ...
      (Pen-Test)
    • Re: ActiveX
      ... through activex.Only when you update your computer,windows updates ... If you want to show your customer the dangers of executing activex ... and at the time of installtion of this toolbar as activex it will also ...
      (Pen-Test)
    • Re: CE quick and dirty
      ... There are already ActiveX controls installed on the CE device (as I ... Whether or not HTML and ActiveX is the best way to deal with this ... thingummy, D8 can't program it, and the eMbedded VC4++ is a nightmare. ...
      (borland.public.delphi.non-technical)
    • Re: Deep Throat
      ... One is the Throat Trojan and the other ... >Port 1025 will have to be open to out bound traffic, ... >Your browser will be checked for installed ActiveX ... Invocation of secure ActiveX controls ...
      (microsoft.public.security.virus)
    • Re: Deep Throat
      ... You computer is scanned for open ports now. ... Your browser will be checked for installed ActiveX ... Visual Basic Script (VBScript) Test: ... Invocation of secure ActiveX controls ...
      (microsoft.public.security.virus)