GoFuckYourself.com - Adult Webmaster Forum - View Single Post - National Net. My deepest apologies. You are the best. Starpass Networks did it.

Magg · 07-20-2004, 08:36 PM

Media attention has been given to several commercial IIS websites being remotely hacked recently. Exploit-MhtRedir.gen was used to redirect the user's web browser to the location http://217.107.218.147 containing an infected web page that caused un solicited files to be downloaded and executed.

For further details about vulnerable IIS servers and IE clients, see http://www.microsoft.com/security/in...load_ject.mspx

The exploit results in a CHM (Microsoft Compiled Help) file being written to the local system allowing for additional exploit code to then execute the downloaded file.

The end result is the execution of arbitrary code at the permission level of the current user.

07-20-2004, 08:36 PM
Magg Confirmed User Join Date: Feb 2004 Location: ICQ: 132497047 Posts: 4,467	Media attention has been given to several commercial IIS websites being remotely hacked recently. Exploit-MhtRedir.gen was used to redirect the user's web browser to the location http://217.107.218.147 containing an infected web page that caused un solicited files to be downloaded and executed. For further details about vulnerable IIS servers and IE clients, see http://www.microsoft.com/security/in...load_ject.mspx The exploit results in a CHM (Microsoft Compiled Help) file being written to the local system allowing for additional exploit code to then execute the downloaded file. The end result is the execution of arbitrary code at the permission level of the current user.