Re: Crash IE with shell://:

From: Peter (fbsdqat_private)
Date: Wed May 23 2001 - 07:42:07 PDT

Next message: Abdulkareem Kusai: "CacheFlow external listerner 137/udp"

Previous message: cory: "Re: Crash IE with shell://:"
Maybe in reply to: Kayne Ian (Softlab): "Crash IE with shell://:"
Reply: Kevin J. Menard, Jr.: "Re[2]: Crash IE with shell://:"
Reply: Dino Amato: "Re: Crash IE with shell://:"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Guys try www.nul.cjb.net

That is my site and it tries to exploit just about every NS/IE/Win9x but that will 
make the OS crash [win9x] or IE/NS crash.  Included is this whole gopher thing 
also.  

btw, that htm page didn't work for me either, -- did nada.

On 05/22/2001 11:31:53 AM, cory is quoted as saying:
 

. . . .|On Tue, 22 May 2001, Kayne Ian (Softlab) transferred the following data:
. . . .|
. . . .|> All...
. . . .|> 	Wrote this little thing in a few spare mins. I'm no use with
. . . .|> javascript or webbased coding, so I'm sure there's much more you could do
. . . .|> with this. Anyway, attached is a .html that crashes all the machines I
. . . .|> tested it on - be prepared to loose explorer.exe if you run it. I guess this
. . . .|> is a working exploit/bug (and a really annoying one if it starts appearing
. . . .|> on the web), so if someone wants to forward this to the appropriate people
. . . .|> (bugtraq? microsoft?) then go for it... Also, if we could narrow down
. . . .|> exactly what it takes to fix it in the current versions, that would be good
. . . .|> too.
. . . .|>
. . . .|> enjoy...
. . . .|>
. . . .|> Ian Kayne
. . . .|> Technical Specialist - IT Solutions
. . . .|> Softlab Ltd - A BMW Company
. . . .|>
. . . .|
. . . .|Tried this against IE 5 ver. 5.00.2614.3500 with little result.
. . . .|The .htm shows up for a few seconds, then you recieve a 404 , with the
. . . .|Address box changing from http://blah.com/iecrashtest.htm to just
. . . .|/test.htm (strange?). During the change to a 404, a smaller box appears
. . . .|with res://C:\\Windows\System\SHDOCLC.DLL/syntax.htm explaining that the
. . . .|page can not be displayed, possibly because of removal or name change. It
. . . .|then request you do the following:
. . . .|	Open the 
res://C:\WINDOWS\SYSTEM\SHDOCLC.DLL/syntax.htm#shell://
. . . .|	home page, and then look for the links to the information you
. . . .|	want.
. . . .|
. . . .|Hope that helps
. . . .|
. . . .|cory



www.nul.cjb.net
www.FreeBSD.org



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Next message: Abdulkareem Kusai: "CacheFlow external listerner 137/udp"
Previous message: cory: "Re: Crash IE with shell://:"
Maybe in reply to: Kayne Ian (Softlab): "Crash IE with shell://:"
Reply: Kevin J. Menard, Jr.: "Re[2]: Crash IE with shell://:"
Reply: Dino Amato: "Re: Crash IE with shell://:"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 23 2001 - 09:25:06 PDT