Author | Post | |||
theblacksheep |
Check this out: http://www.securitytracker.com/alerts/2004/Jan/1008843.html I would be really interested in how it works. You can't really find information about it. |
|||
05.04.2004 22:06:24 |
|
|||
cyph1e |
Have a look at the example folder. Open it using your favourite editor and you'll see the code. Create a text file called "*.folder" with your evil HTML code in it to use the exploit. |
|||
06.04.2004 11:49:15 |
|
|||
GO7 |
Damn, there's a MiMail virus variant in this example! |
|||
06.04.2004 12:43:18 |
|
|||
obiwan |
Hmmm, my virus scanner (F-Prot) didn't see any virus. But this vulnerability is indeed used by the MiMail virus. See http://www.f-secure.com/v-descs/mimail.shtml |
|||
06.04.2004 14:11:14 |
|
|||
RandomIZE |
I was really interested in this exploit, so I've been playing around with it. It's really cool actually, and almost impossible to notice for the "normal" user. Other than clicking on it and opening it, there are only a few ways to tell that it is not a real folder. The first is the fact that the "folder" has a size, which is not listed in the normal "icon" view. Another thing is that normal folders are listed as "file folders" while an HTML document made with the .folder extension is simply listed as "folder". And the last giveaway that I have seen is that when you right click on a normal folder it gives you a "Sharing and Security" option, which is not present when you right click on your evil "folder". Oh, and one other thing, if you right click on it and go to open, it will open in the web browser, but if you click expand or double click on the folder it will open in W.E. One cool thing that I found was the ability to execute JavaScript, and as far as I know (please let me know if I'm wrong), there is no way to disable JavaScript in Windows Explorer... Going to play around with it a bit more...maybe I can get some Python script to execute...would be nice. Anyways, if anyone finds anything interesting out about this please post it. Later, RandomIZE |
|||
08.04.2004 21:48:44 |
|
|||
theblacksheep |
The evil exe file that gets executed is in the folder-file encrypted in binhex 4.0. Has anybody an idea why, and why can I call the code by using: "nameoffakefolder!evilfile.exe"??? I have no idea. I don't get it. |
|||
09.04.2004 02:56:39 |
|
|||
obiwan |
Look at this: http://lists.netsys.com/pipermail/full-disclosure/2002-August/000947.html Maybe it helps. |
|||
09.04.2004 13:13:00 |
|
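
A defender-side check for the tells mentioned in this thread, added here as an example and not code from any poster: it flags regular files that carry a .folder extension (a real directory is never a file and has no size) and notes embedded HTML/script markup or a BinHex 4.0 banner. The function names, the read cap and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Banner line that opens a BinHex 4.0 encoded block.
BINHEX_BANNER = b"(This file must be converted with BinHex 4.0)"
# Markup that a real directory can never contain.
ACTIVE_HTML = re.compile(rb"<\s*(html|script|object|iframe)\b", re.IGNORECASE)


def inspect_fake_folder(path):
    """Return a list of findings for one path, empty if it is not suspicious."""
    if not path.lower().endswith(".folder") or not os.path.isfile(path):
        return []  # real directories and other extensions are ignored
    findings = ["regular file with .folder extension"]
    if os.path.getsize(path):
        findings.append("non-zero size")
    with open(path, "rb") as fh:
        data = fh.read(4 * 1024 * 1024)  # cap the read for very large files
    if ACTIVE_HTML.search(data):
        findings.append("contains HTML/script markup")
    if BINHEX_BANNER in data:
        findings.append("contains a BinHex 4.0 banner")
    return findings


def scan_tree(root):
    """Walk root and map each suspicious file path to its findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if findings := inspect_fake_folder(full):
                report[full] = findings
    return report


def build_constructed_sample(root):
    """Write constructed, inert sample data: one real directory, one fake."""
    os.mkdir(os.path.join(root, "Holiday.folder"))  # genuine directory
    fake = os.path.join(root, "Photos.folder")
    with open(fake, "wb") as fh:
        fh.write(b"<html><script>/* inert */</script></html>\n" + BINHEX_BANNER)
    return fake


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_sample(tmp)
        print(scan_tree(tmp))
```

A genuine directory whose name happens to end in .folder is not reported, because only regular files are inspected.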