??? To remove
these permissions, the keys must be deleted under the respective class ID (CSLID)
206 Hacking Exposed Web 2.0
(ActiveX control) in the registry, as shown in the following examples. Here??™s an example
of registry permission for safe for scripting:
[HKEY_CLASSES_ROOT\CLSID\{CLSID of ActiveX control}\Implemented
Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
And here??™s an example for safe for initialization:
[HKEY_CLASSES_ROOT\CLSID\{CLSID of ActiveX control}\Implemented
Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
By removing these fields, the ActiveX control will no longer be listed as safe for any
remote scripting or initialization. Complete the following steps to unmark an ActiveX
object:
1. Open the registry editor by choosing Start | Run | Regedit.
2. Browse to the appropriate CLSID of the ActiveX object under HKEY_CLASSES_
ROOT: HKEY_CLASSES_ROOT\CLSID\{
}
3. Expand the CLSID key and then expand Implemented Categories key, as
shown in Figure 8-2.
Figure 8-2 ActiveX controls marked safe for scripting and initialization
Chapter 8: ActiveX Security 207
4. If you see {7DD95801-9882-11CF-9FA9-00AA006C42C4} and/or {7DD95802-
9882-11CF-9FA9-00AA006C42C4}, delete the keys.
Pages:
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371