Bugtraq mailing list archives
Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
From: "Jens Knoell" <jens () ing twinwave net>
Date: Tue, 25 Feb 2003 16:50:44 -0700
http-equiv () excite com <http-equiv () malware com> wrote:
[...] Because it is an html file proper, Internet Explorer opens it. The scripting inside is then parsed and fired. That scripting is pointing back to the same executable file with our original codebase object from the year 2000 and because it is a self-executing html file, it executes ! Tested IE5.5 and IE6. Fully self-contained harmless *.exe: http://www.malware.com/html.exe.zip Be aware of html files out there. Key Words: Trust it's Worthy so Think it's Tank silly obvious
This does not seem to work for me if done via webserver. It works like a charm locally, so it might be worthwile adding that this is only useful as an attached HTML (in an email, for example). Jens
Current thread:
- Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II http-equiv () excite com (Feb 25)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II Jens Knoell (Feb 26)
- <Possible follow-ups>
- RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II Dike (Feb 26)
- Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II D'Amato Luigi (Feb 27)