http-equivat_private <http-equivat_private> wrote: > [...] > Because it is an html file proper, Internet Explorer opens it. The > scripting inside is then parsed and fired. That scripting is pointing > back to the same executable file with our original codebase object > from the year 2000 and because it is a self-executing html file, it > executes ! > > Tested IE5.5 and IE6. Fully self-contained harmless *.exe: > > http://www.malware.com/html.exe.zip > > Be aware of html files out there. > > Key Words: Trust it's Worthy so Think it's Tank silly obvious This does not seem to work for me if done via webserver. It works like a charm locally, so it might be worthwile adding that this is only useful as an attached HTML (in an email, for example). Jens
This archive was generated by hypermail 2b30 : Wed Feb 26 2003 - 13:27:46 PST