activex control demo

ActiveX compromise - The purpose of the demo is to show a compromise starting with a simple email containing a link to a landing page which _silently_ loads an ActiveX control that 'owns' the user machine. The user cannot be prompted for permission to run the control. If it can be done with pop-ups/unders that is okay, but the process must be automatic. The project requires compromise (buffer overrun) of an existing ActiveX control which would ideally shutdown IE and load an image of skull and crossbones. If the programmer is able I would prefer a customized http call so the image can be swapped out as desired for different audiences. For presentation reasons the exploit must be done using a control likely to be found on a machine, either installed by Windows or the Office suite. There are known exploits from last week of an Office XP control found at [login to view URL] The target machine this must work on is a Win XP SP2 machine with IE 6. Patch levels would be recent, but we can remove a specific patch to expose a control vulnerability. The demo must be realistic (hence no building a new control that would prompt the user before running) but we can tweak the machine for small variables. This will not and MUST not harm a machine. It simply displays a graphic to illustrate what has happened. ## Deliverables 1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done. 2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables): a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment. b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request. 3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement). ## Platform windows xp, service pack 2, IE6 and recent system patches