Full Disclosure mailing list archives
Re: IE Object Type Validation Vulnerability Exploit
From: Cael Abal <lists () onryou com>
Date: Thu, 18 Sep 2003 10:15:33 -0400
http://morningwood.ethicsdesign.com/fucked4test.html id that... who cares if its a trojan, you surely didnt think it was benign??? i didnt click it knowing it was a <object tag exploit.. or try a HEAD on the link first.. or even nc -vv someurl.isp/link.html *sigh*
If I didn't know better I might think you presented that link maliciously. As for your criticism, I believe you misunderstood. I wasn't warning folks the script was malicious. For anyone interested, I simply *identified* the executable which was MakeVBSed into the .vbs file Andreas posted to the list. Symantec calls it 'Download.Trojan'. Here's that link again: http://www.symantec.com/avcenter/venc/data/download.trojan.html If you're unfamiliar with MakeVBS, you can learn more here: http://rattlesnake.at.box.sk/newsread.php?newsid=7 Cheers, Cael ---
----- Original Message ----- From: "Cael Abal" <lists () onryou com> To: <full-disclosure () lists netsys com> Sent: Tuesday, September 16, 2003 7:03 PM Subject: Re: [Full-disclosure] IE Object Type Validation Vulnerability Exploit
Decrypted (undo VBS.Encode) it is the following: AndreasHi Andreas, The 'x.exe' created by this script is reported by Symantec as 'Download.Trojan': http://www.symantec.com/avcenter/venc/data/download.trojan.html Cael
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Blocking Music Sharing., (continued)
- Re: Blocking Music Sharing. srenna (Sep 15)
- RE: Blocking Music Sharing. Todd Mitchell - lists (Sep 15)
- Re: Blocking Music Sharing. Scott Manley (Sep 15)
- Re: Blocking Music Sharing. srenna (Sep 15)
- RE: Blocking Music Sharing. Bergeron, Jared (Sep 15)
- IE Object Type Validation Vulnerability Exploit n30 (Sep 15)
- Re: IE Object Type Validation Vulnerability Exploit phlox (Sep 15)
- Re: IE Object Type Validation Vulnerability Exploit n30 (Sep 15)
- Re: IE Object Type Validation Vulnerability Exploit Andreas Marx (Sep 16)
- Re: IE Object Type Validation Vulnerability Exploit Cael Abal (Sep 16)
- Re: IE Object Type Validation Vulnerability Exploit morning_wood (Sep 18)
- Re: IE Object Type Validation Vulnerability Exploit Cael Abal (Sep 18)
- IE Object Type Validation Vulnerability Exploit n30 (Sep 15)
- Re: Blocking Music Sharing. Sam Baskinger (Sep 16)
- Re: Blocking Music Sharing. morning_wood (Sep 18)
- Re: Blocking Music Sharing. Azerail (Sep 18)
- Re: Blocking Music Sharing. Cael Abal (Sep 15)
- Re: Blocking Music Sharing. Ron DuFresne (Sep 16)
- Re: Blocking Music Sharing. Jonathan A. Zdziarski (Sep 16)
- RE: Blocking Music Sharing. Rick Kingslan (Sep 16)
- RE: Blocking Music Sharing. Jonathan A. Zdziarski (Sep 17)