|
[tested] Internet Explorer 6 SP1 running on Windows XP(Home Edition) Service Pack 1a Updated on 2004/07/21 GMT+800 [intro] "the-insider" exploit was first noticed by the-insider: http://umbrella.name/iebug.com/display-singlemessage.php?readms g:fulldisclosure_message-2004060050 and then documented by jelmer: http://umbrella.name/iebug.com/display-singlemessage.php?readms g:fulldisclosure_message-2004060124 http://62.131.86.111/analysis.htm [what is new] the exploit is complicated. i just simplified the exploit and made a very small demo of the xss vulnerability: http://UMBRELLA.NAME/originalvuln/InsiderPrototype/demo.htm i hope it helps those who are confused by tons of code there in the exploit. the prototype is actually extremely simple - and cool. that's all. [request your comment on iebug.com] btw, what do you think of iebug.com http://iebug.com ? do you prefer just reading selected messages? i can make iebug display selected messages only; i can enable all visitors to vote for a message - or you have a better idea for iebug.com? please comment on iebug.com and let me know. iebug.com: ----- Security and Vulnerability Discussion related to Internet Explorer, Outlook, Java Virtual Machine and Windows Media Player found at bugtraq, full-disclosure and microsoft security bulletin up-to-hour ----- [ps] have a nice day, greetingz fly to: the Pull and dror and all real full-disclosure guys, especially: malware and jelmer and at last,but not least, all guys who helped improving winblox, epecially: mdc12 and morning_wood for contributing their code - it's a shame that i got some goddamned exams in the remaining june. i deleted all my email messages, please resend your email if i missed. liu die yu http://umbrella.name/