Re: Winnt/Win2k Vuln ?

From: sween (sweenat_private)
Date: Fri Aug 10 2001 - 20:05:54 PDT

  • Next message: Kaneda Akira: "Re: Winnt/Win2k Vuln ?"

    I actually named the file www.google.com.exe on win95b, IE5 and it
    executed causing an illegal operation... no prompting, whatsoever.
    
    On Fri, 10 Aug 2001, Fab Siciliano wrote:
    
    > How is this a vulnerability?
    > I am still prompted to whether I want to save the file to disk, or run it 
    > from it's current location. The file just doesn't execute unless you want 
    > it to.
    > 
    > -Fab
    > 
    > 
    > At 03:34 PM 8/10/2001, Kevin Gagel wrote:
    > >You are incorrect.
    > >I am using win2k pro with sp2.
    > >I created a batch file and saved it to my desktop. It simply echoed
    > >hello.
    > >I renamed it to our web site with a .bat on the end.
    > >Then in IE addressbar I typed the www address of our web site and the
    > >batch file ran.
    > >
    > >"Rio Martin." wrote:
    > > >
    > > > I could confirm this, as long as you put executeable file in desktop, then
    > > > you will be able to open it. Extension .BAT wont run. Only .COM will run.
    > > > I also try to rename the file to www.somekind.org and it just showing "Open
    > > > With ..." window.
    > > >
    > > > Regards,
    > > > Rio Martin.
    > > > http://marsud.org/
    > > >
    > > > _
    > > > "Red Pantz" <redpantzat_private> wrote something like this:
    > > > > Hello all,
    > > > > I have found that if you name a file (can be any data file) a certain 
    > > URL,
    > > > on your desktop, and then g0 to IE and type that url, the web site will not
    > > > come up, only the program that was named the certain.confusing?
    > > > > i.e.
    > > > > - copy autoexec.bat to ..\desktop
    > > > > - rename autoexec.bat to www.google.com (can be any url)
    > > > > - then go to IE and type "www.google.com"
    > > > > - your batch file is then ran
    > > > > a few issues i have w/ this is:
    > > > > - the prog will only run if it is on your desktop
    > > > > - if you type "http://www.google.com", for example
    > > > >   it will not run(unless u name your file the same thing)
    > > > > - it has only been tested on Win2k SP1, Winnt 4.0 SP6a w/ IE 5.5
    > > > > - it doesn't seem to have any privelage escalation (all progs are run as
    > > > the current user logged on)
    > > > > Just want a few others to try it and see wut they think
    > > > > thanx alot
    > > > > redpantz
    > > > >
    > >
    > >--
    > >=============================
    > >Kevin W. Gagel
    > >Network Administrator
    > >College of New Caledonia
    > >gagelat_private
    > >(250)561-5848 loc. 448
    > >=============================
    > 
    > ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    > Fab Siciliano
    > Networks and Security
    > Tel - 215.712.6200 Ext. 312
    > Optium, Inc.
    > "Break-Through Technology for Optical Transmission"
    > http://www.optiumcorp.com
    > :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    > 
    > 
    > 
    
    
    --
    
     ---  -sween                               
    | M | http://www.modelm.org                 
     ---  "force feedback computing since 1984."
    <meta name="MSSmartTagsPreventParsing" content="TRUE">
    



    This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 23:29:37 PDT