Metasploit mailing list archives
PassiveX DLL restrictions
From: mmiller at hick.org (mmiller at hick.org)
Date: Mon, 13 Mar 2006 00:58:15 -0600
On Sun, Mar 12, 2006 at 10:52:19PM -0800, Ben Heinkel wrote:
Hello, Recently stumbled over win32_passivex to help with several issues I faced exploiting systems in proxy environments. Trying to demonstrate this, I used the winamp_playlist_unc exploit, combined with the win32_passivex payload. However, my IE gives me a warning of "passivex.dll - Windows has blocked this software because it can't verify the publisher". With IE security settings on Low it would allow you to install this DLL, but only after prompting. Has anybody worked with this payload extensively, any idea on getting around this ?
Which version of Itnernet Explorer are you using (and on what platform)? The PassiveX payload is designed to enable the download and execution of untrusted ActiveX controls such that this specific scenario doesn't happen, so the fact that you're getting this error means that it isn't working quite right :) We aware of issues with it on versions of Internet Explorer prior to 6.0, but have not heard of issues outside of this specific case.
Current thread:
- PassiveX DLL restrictions Ben Heinkel (Mar 12)
- PassiveX DLL restrictions mmiller at hick.org (Mar 12)
- PassiveX DLL restrictions Ben Heinkel (Mar 13)
- PassiveX DLL restrictions mmiller at hick.org (Mar 13)
- PassiveX DLL restrictions Ben Heinkel (Mar 16)
- PassiveX DLL restrictions Ben Heinkel (Mar 13)
- PassiveX DLL restrictions mmiller at hick.org (Mar 12)