Salam Alykom, Worked too on win98 , IE 5.0 Sa6ry ( A.Sabry ) Computer Engineering Application-developer ( VC, Win32 assembly, C/C++ , VB ) Web-developer ( HTML, PHP, CGI/Perl, Flash, Java Applet .. etc ) Database-developer Cartoon-Artist http://www.sa6ry.com Every body has to define his atom and start thinking using it, My atom is assembly . ----- Original Message ----- From: http-equivat_private <http-equivat_private> To: <bugtraqat_private>; <NTBugtraqat_private> Cc: <vuln-devat_private> Sent: Monday, June 03, 2002 3:26 AM Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 > Saturday, June 01, 200 > > The following file is an html file comprising both scripting and a > complied help file [*.chm]. > > We inject scripting into the actual help file which is designed to > point back to the html file and execute it. Provided the html file > name contains the 'word' chm in it, Internet Explorer 5.5 and 6.0 > executes it. > > Because it is an html file proper, Internet Explorer opens it. The > scripting inside is then parsed and fired. That scripting is pointing > back to the same file with a showHelp call and because that is > precisely what it is, it executes ! > > Tested on win98 IE5.5 and IE6. Constructed for win98: > > [harmless *.exe - requires positioning of Mshta.exe @ > C:\WINDOWS\SYSTEM] > > http://www.malware.com/html.zip > > Be aware of html files out there. > > End Call > > -- > http://www.malware.com
This archive was generated by hypermail 2b30 : Mon Jun 03 2002 - 09:15:29 PDT