lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sun, 24 Oct 2004 21:57:23 +0000
From: security <security@...amiteit.nl>
To: bugtraq@...urityfocus.com
Subject: Bug in hotmail


hi all,
i am not a  person that posts to bugtraq really, but more a person that 
reads from it!
well the thing is, I was checking my hotmail account, as i saw an e-mail 
from an old friend of mine, i saw an attachement, so i was already in 
doubt (but i was using gentoo anyways .. so not realy affraid of 
something like that ), but when i looked at the file i saw that it was a 
zip file that had a .txt file in it .. at least .. so it seamed. after 
downloading the file and extracting it , was look ing at the file name 
which was :

tmp $ ls -l dump.
dump.txt                                                                                                                                                                           
.scr
dump.zip

weird!!!!

$ ls -l dump.txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ .scr
-rw-r--r--  1 crocco users 53248 Aug 13  1985 
dump.txt                                                .scr

Ah makes more sense!!

$ file dump.txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ .scr
dump.txt  .scr: MS-DOS executable (EXE), OS/2 or MS Windows

 Funny, as i saw that i was 100% sure that it was a virus! although it 
was labeled as NO VIRUS FOUND on the hotmail site( i was thinking that 
it should be " no known viruses found") 
it was confirmed by friends of mine after i asked them to scan it for 
virusseson windows machines!

now, i can only come to 1 conclusion. the virus scanner of hotmail, does 
not check filenames as long as our file in question here!
and because many people would simply believe that it is virusfree and 
that it could again cause some new  virusrage i thaught it was pretty 
important and posted it in bugtraq!

cheers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ