view-source:file://c:/winnt/notepad.exe This will open notepad viewing notepad.exe on my system. I am running Win2k Pro sp2 + SRP1 and IE Version 6.0.2600.0000 Les -----Original Message----- From: Juan M. Courcoul [mailto:courcoulat_private] Sent: Tuesday, June 11, 2002 6:44 PM To: vuln-devat_private Subject: Re: internet explorer view-source url Juan M. Courcoul wrote: > hellNbak wrote >> On Mon, 10 Jun 2002, John C. Hennessy wrote: >> >>> Perhaps its just me but I see this as a potential problem. From what >>> I can >>> tell all versions of internet explorer 4 and above allow view-source >>> urls. >>> >>> view-source:http://www.news.com >> >> I think it might be just you as doing a view-source:///boot.ini will >> show you the LOCAL boot.ini. So, if I was a malicous web master, >> unless I can get some sort of code to execute this doesn't help me all >> that much. > > Tried both formats for the view-source URLs with the following results: > > Windows 2000 Professional SP2+all current patches > Internet Explorer 5.50.4807.2300 > view-source:http:... works, sort of. Page gets fetched, and displayed > using Notepad, not the main browser window. > > view-source:///local file does not work. Nothing is ever displayed. Several co-subscribers have kindly pointed out that the proper format is: view-source:file://c:/temp/somefile.txt This does work, sometimes. On my machine, this gets the file opened in the preferred application for that suffix (Notepad in this case) iff the file is visible and you have appropiate permissions. Now if we could get COMMAND.COM (Win9x) or its Win2k kindred to open an executable, THEN we could have some wicked fun, else like hellNback pointed out, it's just a mildly interesting bit of IE trivia. JMC
This archive was generated by hypermail 2b30 : Wed Jun 12 2002 - 09:52:32 PDT