The Ethical Hacker Network - LinkedIn Toolbar Remote (Client side) Exploit

Home

Calendar

Certifications

Latest Additions

EH-Net Login

Welcome Guest.

Lost Password?

No account yet? Register

Who's Online
We have 32 guests online

You are here: Home

Ethical Hacking Discussions and Related Certifications

Malware

LinkedIn Toolbar Remote (Client side) Exploit

EH-Net

May 25, 2013, 11:02:46 AM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Go back to The Ethical Hacker Network Online Magazine Home Page

Home

Help

Calendar

EH-Net > Ethical Hacking Discussions and Related Certifications > Malware (Moderator: don) > LinkedIn Toolbar Remote (Client side) Exploit

Pages: [1] Go Down

« previous next »

	Author	Topic: LinkedIn Toolbar Remote (Client side) Exploit (Read 3046 times)
0 Members and 1 Guest are viewing this topic.

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

LinkedIn Toolbar Remote (Client side) Exploit

« on: July 26, 2007, 02:49:49 PM »

Quote

LinkedIn Toolbar Remote (Client side) Exploit

----------------------------------------------------
Version: 3.0.2.1098 (LinkedInIEToolbar.dll)
How to Exploit
-----------------

If a user, with the LinkedIn toolbar installed, is tricked into browsing a website that contains the above code -- game over. However, this Proof of Concept (PoC) code merely pops up the calc.exe application. The PoC was tested on XPSP2. Reliability was not tweaked as this is just a proof.

Discovered and Exploited By
--------------------------------
Jared DeMott and Justin Seitz, VDA Labs

For original posting and exploit code:
http://www.vdalabs.com/tools/linkedin.html

Of course you don't have to stop using LinkedIn. You could simply disable or uninstall the toolbar. As they say, sometimes the best fix is the simplest one.

Kind of like... Doctor it hurts when I lift my arm like this, and the doctor says, then don't lift your arm like that. Cheesy