execdror5
Go
[vuln tech]
1. "file-protocol proxy" to reach MYCOMPUTER zone;
2. "double slash" to tranform ie cache from INTERNET zone to MYCOMPUTER zone
-----------> CODEBASE execution and parse cache index as HTML
3. "HTTP Redirection and Refresh in IFRAME" to parse cache index
4. "script-src local file enumeration" to pick up an existing payload URL from
candidate urls
[ms-documented tech]
"setTimeout" and "try-catch" to probe the status of a time-consuming task.
from UMBRELLA.MX.TC
created by Liu Die Yu