lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <200402101736.i1AHagAD004663@web173.megawebservers.com> From: 1 at malware.com (http-equiv@...ite.com) Subject: Re: Possible new cross zone scripting in IE <!-- Cheng Peng Su Wrote: <a href="shell:My Music" --> Excellent ! The revival of the Pull's shell game: "directoryInfo.html", ie the "file://::{CLSID}" [see: http://www.securityfocus.com/bid/3867/] The following on this so-called Microsoft Windows XP machine: Control Panel Administrative Tools Cache CD Burning Cookies Desktop Favorites Fonts History Application Data Local Settings My Music My Pictures My Video NetHood Personal [my documents] PrintHood Programs Recent SendTo Start Menu Startup Templates http://www.malware.com/shell.game.html "Cache" can be very interesting <img dynsrc="malware.exe"> <a href="shell:Cache\malware.exe">Cache</a> needs to be worked on... -- http://www.malware.com