| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 27 Jan 2004 08:25:55 -0000 From: Liu Die Yu <liudieyuinchina@...oo.com.cn> To: bugtraq@...urityfocus.com Subject: Re: Self-Executing FOLDERS: Windows XP Explorer Part V here is what's happening here on my default and up2date winxp.home: i downloaded the ZIP file at: http://www.malware.com/my.pics.zip double clicked it and another windows explorer popped up - there was folder inside the zip file. then i double clicked the folder - and my screen was burning... :-P i can play more interesting games when at my school: just shout out : man, i've shared matrix3 in "mat3" folder on my machine \\UMBRELLA... many guys will doubleclick that "folder" and get compromised. :-)))))) ---------------------- conclusion: cheating the victim into openning a folder icon is much easier than cheating them into openning an HTM file. so this is excellent stuff! another thing: it works under "mcafee virus scan" at present. added to my little collection of ie vulnz: http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/index.html (a part of TRIE - http://continue.to/trie )
Powered by blists - more mailing lists