Changeset 1518

Timestamp:

01/14/08 17:03:48 (8 months ago)

Author:

jose

Message:

[phoneyc]
support for Persits Software XUpload Control
vuln module, exploit demos

Files:

• phoneyc/trunk/ActiveX.py (modified) (2 diffs)
• phoneyc/trunk/modules/jscript/XUpload.js (added)
• phoneyc/trunk/tests/xupload-2.html (added)
• phoneyc/trunk/tests/xupload.html (added)

phoneyc/trunk/ActiveX.py

@@ -42 +42 @@
-        self.clsid['3BFFE033-BF43-11d5-A271-00A024A51325'] = Domino()
-        self.clsid['983A9C21-8207-4B58-BBB8-0EBC3D7C5505'] = Domino()
+        self.clsid['E87F6C8E-16C0-11D3-BEF7-009027438003'] = XUpload()
-
-        self.clsname = {}
@@ -290 +291 @@
-        self.description = 'IBM Lotus Domino Web Access Control ActiveX Control'
-    
+class XUpload(ActiveX):
+    def __init__(self):
+        self.js_src = self.load_js_src('XUpload.js')
+        self.classname = 'XUpload'
+        self.cve_id = ('CVE-2007-6530', )
+        self.description = 'Persits Software XUpload 2.1.0.1'
+