Deliver via XSS on a trusted site (eg device interface) to avoid popping warnings. Also it's worth trying to embed them in Office docs, but that'll still pop a warning. But honestly, they're not super viable, just fun to pwn.
I stopped using Dranzer years ago because of the decreased attack surface of ActiveX. e.g. IE started prompting before allowing arbitrary ActiveX to run in a browser session. What's the most viable ActiveX vulnerability attack vector these days?
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.