| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: lists at onryou.com (Cael Abal) Subject: IE Object Type Validation Vulnerability Exploit > http://morningwood.ethicsdesign.com/fucked4test.html > id that... who cares if its a trojan, you surely didnt think it was > benign??? i didnt click it knowing it was a <object tag exploit.. or try a > HEAD on the link first.. or even > nc -vv someurl.isp/link.html > > *sigh* If I didn't know better I might think you presented that link maliciously. As for your criticism, I believe you misunderstood. I wasn't warning folks the script was malicious. For anyone interested, I simply *identified* the executable which was MakeVBSed into the .vbs file Andreas posted to the list. Symantec calls it 'Download.Trojan'. Here's that link again: http://www.symantec.com/avcenter/venc/data/download.trojan.html If you're unfamiliar with MakeVBS, you can learn more here: http://rattlesnake.at.box.sk/newsread.php?newsid=7 Cheers, Cael --- > ----- Original Message ----- > From: "Cael Abal" <lists@...you.com> > To: <full-disclosure@...ts.netsys.com> > Sent: Tuesday, September 16, 2003 7:03 PM > Subject: Re: [Full-Disclosure] IE Object Type Validation Vulnerability > Exploit >>>Decrypted (undo VBS.Encode) it is the following: >>>Andreas >> >>Hi Andreas, >> >>The 'x.exe' created by this script is reported by Symantec as >>'Download.Trojan': >> >>http://www.symantec.com/avcenter/venc/data/download.trojan.html >> >>Cael
Powered by blists - more mailing lists