Re: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II

["D'Amato Luigi" <luigidamato () networkingitalia it>]

Confirm on 6.0.2800.1106

On my IE is present: SP1, q324929, q810847, q813951

D'Amato Luigi
Admin www.securitywireless.info
----- Original Message ----- 
From: "Dike" <Dike () tarita co id>
To: <bugtraq () securityfocus com>
Sent: Tuesday, February 25, 2003 1:50 PM
Subject: RE: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II


> Confirmed on IE 5.0 too :(
>
> Sorry One Liner,
> Dike
>
> > -----Original Message-----
> > From: http-equiv () excite com [mailto:http-equiv () malware com]
> > Sent: Wednesday, February 26, 2003 4:45 AM
> > To: bugtraq () securityfocus com
> > Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II
> > Tuesday, February 25, 2003 
> >
> > We are delighted to learn that the original self-executing html file, 
> > from June 1 2002 is now fixed with the most current of the many 
> > patches for the Internet Explorer series of browsers. See:
> >
> > http://online.securityfocus.com/archive/1/275126
> >
> > Regrettably.
> >
> > The following file is an html file comprising both scripting and an 
> > executable [*.exe]. 
> >
> > We inject scripting and an executable into the html file which is 
> > designed to point back to the executable in the html file and execute 
> > it. Provided the html file is an html file, Internet Explorer 5.5 and 
> > 6.0 will execute it. 
> >
> > Because it is an html file proper, Internet Explorer opens it. The 
> > scripting inside is then parsed and fired. That scripting is pointing 
> > back to the same executable file with our original codebase object 
> > from the year 2000 and because it is a self-executing html file, it 
> > executes ! 
> >
> > Tested IE5.5 and IE6. Fully self-contained harmless *.exe:
> >
> > http://www.malware.com/html.exe.zip 
> >
> > Be aware of html files out there. 
> >
> > Key Words: Trust it's Worthy so Think it's Tank silly obvious 
> >  
> > -- 
> > http://www.malware.com