Ive figured it out, How it works is via local exploits, that I found on Milworm, like the old dcom exploits it was able for people to backdoor a user and then install an exe onto thier system.. simular to my method. I have tried the pdf exploit, which you can set using usescape chars to your exe link which will install silently on someones machine.. but that will bound to be patched soon adobe are pretty much on the ball with security updates unless I find another flaw in thier code.

Another remote exe or Drive-by install would be using php scripts with iframes in iframes ect.. well it is possible via certain scripts. The script I managed to get hold of are hard to find from some Russian Hackers using these to backdoor and Phish a system. Since exploits has been patched most didnt work, or failed due to cross browsers.. so I managed to modify the code and work on my own script, all is working well, however I need more of a bulletproof code to secure the script and its method.

I will keep this post updated.