[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20031105223616.82291.qmail@web20705.mail.yahoo.com>
From: sgmasood at yahoo.com (S G Masood)
Subject: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III
Doesn't appear to work on Win2kSP4 with IE6.
--- "http-equiv@...ite.com" <1@...ware.com> wrote:
>
>
> Wednesday, November 5, 2003
>
> In our never-ending quest for entertainment, we
> commece from
> this date forward to end-2004 our POS series of
> findings. That
> is the 'perfect operating system'. Today we debut
> and regurgitate
> new and not so new for fun as follows. A warm up for
> the New Year if
> you will !:
>
> The following file is an html file comprising both
> scripting and an
> executable [*.exe].
>
> We inject scripting and an executable into the html
> file which is
> designed to point back to the executable in the html
> file and execute
> it. Provided the html file is an html file, Internet
> Explorer 5.5 and
> 6.0 will execute it.
>
> Because it is an html file proper, Internet Explorer
> opens it. The
> scripting inside is then parsed and fired. That
> scripting is pointing
> back to the same executable file and because it is a
> self-executing
> html file, it executes !
>
> Fully self-contained harmless *.exe:
>
> CAUTION: back up notepad.exe before opening
>
> http://www.malware.com/self-exec.zip
>
> What a POS !
>
> Be aware of html files out there.
>
> --
> http://www.malware.com
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html
__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree
Powered by blists - more mailing lists