| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Bojan.Zdrnja at LSS.hr (Bojan Zdrnja) Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of > morning_wood > Sent: Saturday, 3 January 2004 8:56 a.m. > To: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] Self-Executing HTML: Internet > Explorer 5.5 and 6.0 Part IV > > > On Thu, 1 Jan 2004 22:41:35 -0000 "http-equiv@...ite.com" wrote: > > [snip] > > > Fully self-contained harmless *.exe: > > > > > > http://www.malware.com/exe-cute-html.zip > > [snip] > > > > This doesn't look like self-executing HTML - anyway. > > > > Gives dialog box to open or save a "blabla.hta" and no, it does not self-execute > even under > low security settings. try again Jelmer? Well, it works nicely on a machine I tested, fully patched WinXP and IE, default settings. First html creates a link c:\jelmer.lnk which points to exe file (fDfdfsdsfsdfssd3s343.exe) which is extracted from poopware.hta and executes it. As a result you get a nice fire :) Cheers, Bojan
Powered by blists - more mailing lists