Vulnerability Development mailing list archives
Re: Explorer crashes when it sees this .lnk file
From: anorexia () TELKOM NET (AnorEXia)
Date: Thu, 30 Mar 2000 19:09:01 -0300
Hi I've ran BSD and analyzed this file It's quite interesting since that content makes any sense We have 3 or 4 urls and lots of 6(demon? afraid not,,,) and some 7's. I didn't see any thing that could make crash, except for that for the win api the chars are always separated by a 00. So the url should be W.W.W..A.N.Y..C.O.M. where the points between the letters are 00's. Foremost, if you desn't have access to Another system than Windows and wish to analyze this little piece of ms+shit you don't really need to reboot windows to DOS. Simply open a dos prompt and type that old commands, rename filename newname, i.e. rename check.lnk check.lnk.txt Quite simple If than, you doesn't have a HEX editor, use debug Syntax is: debug filename, i.e. debug check.lnk.txt To see the core dump of the file you should type <d> and hit <enter> Oh, don't run debug from windows, do it from DOS since debug will mix all and dump win ram too (sux) No more, AnorEXia @ Tupi Tupi ------------------------------------------- BR(Brazil) +55(0)42-2247623 ------------------------------------------- Pyssatiro in Tupi Language means...Network ----- Original Message ----- From: Parity Error <bootup () MAIL RU> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Tuesday, March 28, 2000 10:47 AM Subject: Explorer crashes when it sees this .lnk file : Hi all, : : Explorer crashes when it "sees" this .lnk file in a directory. Looks like some : decoding code for .lnk files crashes when it sees this. The code : seems to be in a shared dll. U cannot edit this file using any windows based : hex editor. All apps crash when they see this. This may be exploitable, .... : :
Current thread:
- Re: spoofing the ethernet address (license managers), (continued)
- Re: spoofing the ethernet address (license managers) Forrest W. Christian (Mar 29)
- Explorer crashes when it sees this .lnk file Parity Error (Mar 28)
- Re: Explorer crashes when it sees this .lnk file Vladimir Dubrovin (Mar 29)
- Re: Explorer crashes when it sees this .lnk file Mike Furr (Mar 29)
- TCP Sequence Prediction Dean Michael Dorman (Mar 29)
- Re: TCP Sequence Prediction H D Moore (Mar 29)
- Re: TCP Sequence Prediction Seth R Arnold (Mar 29)
- Re: TCP Sequence Prediction Vladimir Dubrovin (Mar 30)
- Re: TCP Sequence Prediction Maxime Rousseau (Mar 30)
- Re: TCP Sequence Prediction Paul Taylor (Mar 30)
- Re: Explorer crashes when it sees this .lnk file AnorEXia (Mar 30)
- Re: Explorer crashes when it sees this .lnk file Vladimir Dubrovin (Mar 30)
- Re: Explorer crashes when it sees this .lnk file AnorEXia (Mar 31)
- Exposures in MQ and CORBA Adam.Levine () BANKOFAMERICA COM (Mar 31)