Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0

From: S a 6 r y (sa6ryat_private)
Date: Sun Jun 02 2002 - 22:53:18 PDT

  • Next message: okrehelat_private: "Re: 72% of web base ping scripts allows attackers to pass malicious parameters"

    Salam Alykom,
    
    Worked too on win98 , IE 5.0
    
     Sa6ry ( A.Sabry )
     Computer Engineering
     Application-developer ( VC, Win32 assembly, C/C++ , VB )
     Web-developer ( HTML, PHP, CGI/Perl, Flash, Java Applet .. etc )
     Database-developer
     Cartoon-Artist
     http://www.sa6ry.com
     Every body has to define his atom and start thinking using it, My atom is
    assembly .
    
    ----- Original Message -----
    From: http-equivat_private <http-equivat_private>
    To: <bugtraqat_private>; <NTBugtraqat_private>
    Cc: <vuln-devat_private>
    Sent: Monday, June 03, 2002 3:26 AM
    Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0
    
    
    > Saturday, June 01, 200
    >
    > The following file is an html file comprising both scripting and a
    > complied help file [*.chm].
    >
    > We inject scripting into the actual help file which is designed to
    > point back to the html file and execute it. Provided the html file
    > name contains the 'word' chm in it, Internet Explorer 5.5 and 6.0
    > executes it.
    >
    > Because it is an html file proper, Internet Explorer opens it. The
    > scripting inside is then parsed and fired. That scripting is pointing
    > back to the same file with a showHelp call and because that is
    > precisely what it is, it executes !
    >
    > Tested on win98 IE5.5 and IE6. Constructed for win98:
    >
    > [harmless *.exe - requires positioning of Mshta.exe @
    > C:\WINDOWS\SYSTEM]
    >
    > http://www.malware.com/html.zip
    >
    > Be aware of html files out there.
    >
    > End Call
    >
    > --
    > http://www.malware.com
    



    This archive was generated by hypermail 2b30 : Mon Jun 03 2002 - 09:15:29 PDT