Changeset 1522

Timestamp:

01/14/08 20:20:06 (9 months ago)

Author:

jose

Message:

[phoneyc]
support for AOL Radio AOLMediaPlaybackControl.exe
vuln module, basic exploit code

Files:

• phoneyc/trunk/ActiveX.py (modified) (2 diffs)
• phoneyc/trunk/modules/jscript/AolAmpX.js (added)
• phoneyc/trunk/tests/aol_ampx.html (added)

phoneyc/trunk/ActiveX.py

@@ -44 +44 @@
-        self.clsid['E87F6C8E-16C0-11D3-BEF7-009027438003'] = XUpload()
-        self.clsid['C1908682-7B2C-4AB0-B98E-183649A0BF84'] = AnswerWorks()
+        self.clsid['B49C4597-8721-4789-9250-315DFBD9F525'] = AolAmpX()
+        self.clsid['FA3662C3-B8E8-11D6-A667-0010B556D978'] = AolAmpX()
-
-        self.clsname = {}
@@ -306 +308 @@
-        self.cve_id = ('CVE-2007-6387', )
-        self.description = 'Vantage Linguistics AnswerWorks ActiveX Controls'
+
+class AolAmpX(ActiveX):
+    def __init__(self):
+        self.js_src = self.load_js_src('AolAmpX.js')
+        self.classname = 'AolAmpX'
+        self.cve_id = ('CVE-2007-6250', )
+        self.description = 'AOL Radio AOLMediaPlaybackControl.exe'