| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: madsaxon at direcway.com (madsaxon) Subject: .hta virus analysys >bryce <lord_ph@...cast.net> wrote: > > > I'm new to this list, and sorta new to security on a computer. But can > > someone tell me what program runs a .hta file?? Sigh. Since no one else seems inclined actually to answer this question, I'll do it. In a (pea)nutshell, Microsoft Internet Explorer is the application by which .hta files are designed to be interpreted. However, any browser that understands the syntax (e.g., Netscape) can in theory handle them. They provide functionality above and beyond HTML; they were originally supposed to supply designers with a way of prototyping Web-based applications that employ dynamic HTML, and thus would never be present in a production system. In reality, they get used for a lot of producation purposes: password/access control lists, triggering helper applications such as Office components, and in fact for launching just about any local program while providing a simple user interface similar to the password entry box included with most browsers. Convenient, and quite nasty if misused. Hopefully this brief overview will make it obvious to you what a serious security risk these files represent, and how laughably easy it was (is) to use them as a vector for malware. m5x
Powered by blists - more mailing lists