Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: help:// protocol in Windows XP Prof

Re: help:// protocol in Windows XP Prof

From: pingywon MCSE <pingywon_at_gmail.com>
Date: Sun, 11 Jul 2004 01:11:33 -0400

hate to be the one to break it to you guys but that was just patched
in ms04-15 by an exploit found by morning_wood.

www.illmob.org

On 6 Jul 2004 09:36:16 -0000, Bartosz Kwitkowski <bartosz_at_wb.pl> wrote:
>
>
> There is funny thing in Internet Explorer 6.0 - Windows XP Professional (fully patched).
>
> When you are writing address in IE you can replace http:// by help://
>
> example:
>
> http://wb.pl/bartosz = help://wb.pl/bartosz
>
> and than hit <ENTER>... Page will open...
>
> other...
>
> help://www.securityfocus.com - looks funny, isn't? :-)
>
> when IE opens page changes help:// to http://
>
> BUT, BUT,
>
> when you are create hyperlink check
>
> it won't work - IE says syntax error...
>
> I'm trying to exploit this...
>
> Best regards,
> Bartosz Kwitkowski
>
> 

-- 
~pingywon MCSE 
http://www.pingywon.com
Received on Jul 12 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos