TUCoPS :: Browsers :: hack2175.htm

IE/0DAY -> Insider Prototype
IE/0DAY -> Insider Prototype

Internet Explorer 6 SP1 running on Windows XP(Home Edition) Service Pack 1a
Updated on 2004/07/21 GMT+800

"the-insider" exploit was first noticed by the-insider:
http://umbrella.name/iebug.com/display-singlemessage.php?readms g:fulldisclosure_message-2004060050
and then documented by jelmer:
http://umbrella.name/iebug.com/display-singlemessage.php?readms g:fulldisclosure_message-2004060124 

[what is new]
the exploit is complicated.

i just simplified the exploit and made a very small demo of the xss
i hope it helps those who are confused by tons of code there in the

the prototype is actually extremely simple - and cool.

that's all.

[request your comment on iebug.com]
btw, what do you think of iebug.com
do you prefer just reading selected messages?
i can make iebug display selected messages only; i can enable all
visitors to vote for a message - or you have a better idea for

please comment on iebug.com and let me know.

Security and Vulnerability Discussion related to Internet Explorer,
Outlook, Java Virtual Machine and Windows Media Player found at
bugtraq, full-disclosure and microsoft security bulletin


have a nice day,

greetingz fly to: the Pull and dror
and all real full-disclosure guys, especially: malware and jelmer
and at last,but not least, all guys who helped improving winblox, epecially:
mdc12 and morning_wood
for contributing their code - it's a shame that i got some goddamned exams in
the remaining june.

i deleted all my email messages, please resend your email if i missed.

liu die yu

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH